diff --git a/Makefile b/Makefile index 0b29ff618..612cf8486 100644 --- a/Makefile +++ b/Makefile @@ -94,7 +94,8 @@ release: manifests kustomize controller-gen $(KUSTOMIZE) build config/release-manifest >> manifest.yaml manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./controllers/..." output:crd:artifacts:config=config/crd/bases + $(CONTROLLER_GEN) crd webhook paths="./apis/..." output:crd:artifacts:config=config/crd/bases + $(CONTROLLER_GEN) rbac:roleName=manager-role paths="./controllers/..." generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./controllers/..." diff --git a/config/crd/bases/cloud.redhat.com_clowdapps.yaml b/config/crd/bases/cloud.redhat.com_clowdapps.yaml index b07afdeb5..9ead12723 100644 --- a/config/crd/bases/cloud.redhat.com_clowdapps.yaml +++ b/config/crd/bases/cloud.redhat.com_clowdapps.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdapps.cloud.redhat.com spec: group: cloud.redhat.com @@ -36,14 +35,19 @@ spec: description: ClowdApp is the Schema for the clowdapps API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -51,14 +55,13 @@ spec: description: A ClowdApp specification. properties: cyndi: - description: Configures 'cyndi' database syndication for this app. - When the app's ClowdEnvironment has the kafka provider set to (*_operator_*) - mode, Clowder will configure a CyndiPipeline for this app in the - environment's kafka-connect namespace. When the kafka provider is - in (*_app-interface_*) mode, Clowder will check to ensure that a - CyndiPipeline resource exists for the application in the environment's - kafka-connect namespace. For all other kafka provider modes, this - configuration option has no effect. + description: |- + Configures 'cyndi' database syndication for this app. When the app's ClowdEnvironment has + the kafka provider set to (*_operator_*) mode, Clowder will configure a CyndiPipeline + for this app in the environment's kafka-connect namespace. When the kafka provider is in + (*_app-interface_*) mode, Clowder will check to ensure that a CyndiPipeline resource exists + for the application in the environment's kafka-connect namespace. For all other kafka + provider modes, this configuration option has no effect. properties: additionalFilters: description: AdditionalFilters @@ -83,9 +86,9 @@ spec: type: boolean type: object database: - description: The database specification defines a single database, - the configuration of which will be made available to all the pods - in the ClowdApp. + description: |- + The database specification defines a single database, the configuration + of which will be made available to all the pods in the ClowdApp. properties: dbResourceSize: description: T-shirt size, one of small, medium, large @@ -102,14 +105,12 @@ spec: - large type: string name: - description: 'Defines the Name of the database used by this app. - This will be used as the name of the logical database created - by Clowder when the DB provider is in (*_local_*) mode. In (*_app-interface_*) - mode, the name here is used to locate the DB secret as a fallback - mechanism in cases where there is no ''clowder/database: '' - annotation set on any secrets by looking for a secret with ''db.host'' - starting with ''-'' where env is usually ''stage'' - or ''prod''' + description: |- + Defines the Name of the database used by this app. This will be used as the + name of the logical database created by Clowder when the DB provider is in (*_local_*) mode. + In (*_app-interface_*) mode, the name here is used to locate the DB secret as a fallback mechanism + in cases where there is no 'clowder/database: ' annotation set on any secrets by looking + for a secret with 'db.host' starting with '-' where env is usually 'stage' or 'prod' type: string sharedDbAppName: description: Defines the Name of the app to share a database from @@ -127,17 +128,18 @@ spec: type: integer type: object dependencies: - description: A list of dependencies in the form of the name of the - ClowdApps that are required to be present for this ClowdApp to function. + description: |- + A list of dependencies in the form of the name of the ClowdApps that are + required to be present for this ClowdApp to function. items: type: string type: array deployments: description: A list of deployments items: - description: Deployment defines a service running inside a ClowdApp - and will output a deployment resource. Only one container per - pod is allowed and this is defined in the PodSpec attribute. + description: |- + Deployment defines a service running inside a ClowdApp and will output a deployment resource. + Only one container per pod is allowed and this is defined in the PodSpec attribute. properties: autoScaler: description: AutoScaler defines the configuration for the Keda @@ -151,36 +153,30 @@ spec: horizontal scale config properties: behavior: - description: HorizontalPodAutoscalerBehavior configures - the scaling behavior of the target in both Up - and Down directions (scaleUp and scaleDown fields - respectively). + description: |- + HorizontalPodAutoscalerBehavior configures the scaling behavior of the target + in both Up and Down directions (scaleUp and scaleDown fields respectively). properties: scaleDown: - description: scaleDown is scaling policy for - scaling Down. If not set, the default value - is to allow to scale down to minReplicas pods, - with a 300 second stabilization window (i.e., - the highest recommendation for the last 300sec - is used). + description: |- + scaleDown is scaling policy for scaling Down. + If not set, the default value is to allow to scale down to minReplicas pods, with a + 300 second stabilization window (i.e., the highest recommendation for + the last 300sec is used). properties: policies: - description: policies is a list of potential - scaling polices which can be used during - scaling. At least one policy must be specified, - otherwise the HPAScalingRules will be - discarded as invalid + description: |- + policies is a list of potential scaling polices which can be used during scaling. + At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid items: description: HPAScalingPolicy is a single policy which must hold true for a specified past interval. properties: periodSeconds: - description: periodSeconds specifies - the window of time for which the - policy should hold true. PeriodSeconds - must be greater than zero and less - than or equal to 1800 (30 min). + description: |- + periodSeconds specifies the window of time for which the policy should hold true. + PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). format: int32 type: integer type: @@ -188,10 +184,9 @@ spec: the scaling policy. type: string value: - description: value contains the amount - of change which is permitted by - the policy. It must be greater than - zero + description: |- + value contains the amount of change which is permitted by the policy. + It must be greater than zero format: int32 type: integer required: @@ -200,51 +195,44 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic selectPolicy: - description: selectPolicy is used to specify - which policy should be used. If not set, - the default value MaxPolicySelect is used. + description: |- + selectPolicy is used to specify which policy should be used. + If not set, the default value MaxPolicySelect is used. type: string stabilizationWindowSeconds: - description: 'stabilizationWindowSeconds - is the number of seconds for which past - recommendations should be considered while - scaling up or scaling down. StabilizationWindowSeconds - must be greater than or equal to zero - and less than or equal to 3600 (one hour). - If not set, use the default values: - - For scale up: 0 (i.e. no stabilization - is done). - For scale down: 300 (i.e. - the stabilization window is 300 seconds - long).' + description: |- + stabilizationWindowSeconds is the number of seconds for which past recommendations should be + considered while scaling up or scaling down. + StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). + If not set, use the default values: + - For scale up: 0 (i.e. no stabilization is done). + - For scale down: 300 (i.e. the stabilization window is 300 seconds long). format: int32 type: integer type: object scaleUp: - description: 'scaleUp is scaling policy for - scaling Up. If not set, the default value - is the higher of: * increase no more than - 4 pods per 60 seconds * double the number - of pods per 60 seconds No stabilization is - used.' + description: |- + scaleUp is scaling policy for scaling Up. + If not set, the default value is the higher of: + * increase no more than 4 pods per 60 seconds + * double the number of pods per 60 seconds + No stabilization is used. properties: policies: - description: policies is a list of potential - scaling polices which can be used during - scaling. At least one policy must be specified, - otherwise the HPAScalingRules will be - discarded as invalid + description: |- + policies is a list of potential scaling polices which can be used during scaling. + At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid items: description: HPAScalingPolicy is a single policy which must hold true for a specified past interval. properties: periodSeconds: - description: periodSeconds specifies - the window of time for which the - policy should hold true. PeriodSeconds - must be greater than zero and less - than or equal to 1800 (30 min). + description: |- + periodSeconds specifies the window of time for which the policy should hold true. + PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). format: int32 type: integer type: @@ -252,10 +240,9 @@ spec: the scaling policy. type: string value: - description: value contains the amount - of change which is permitted by - the policy. It must be greater than - zero + description: |- + value contains the amount of change which is permitted by the policy. + It must be greater than zero format: int32 type: integer required: @@ -264,23 +251,20 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic selectPolicy: - description: selectPolicy is used to specify - which policy should be used. If not set, - the default value MaxPolicySelect is used. + description: |- + selectPolicy is used to specify which policy should be used. + If not set, the default value MaxPolicySelect is used. type: string stabilizationWindowSeconds: - description: 'stabilizationWindowSeconds - is the number of seconds for which past - recommendations should be considered while - scaling up or scaling down. StabilizationWindowSeconds - must be greater than or equal to zero - and less than or equal to 3600 (one hour). - If not set, use the default values: - - For scale up: 0 (i.e. no stabilization - is done). - For scale down: 300 (i.e. - the stabilization window is 300 seconds - long).' + description: |- + stabilizationWindowSeconds is the number of seconds for which past recommendations should be + considered while scaling up or scaling down. + StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). + If not set, use the default values: + - For scale up: 0 (i.e. no stabilization is done). + - For scale down: 300 (i.e. the stabilization window is 300 seconds long). format: int32 type: integer type: object @@ -292,16 +276,15 @@ spec: type: boolean type: object cooldownPeriod: - description: CooldownPeriod is the interval (in seconds) - to wait after the last trigger reported active before - scaling the deployment down. Default is 5 minutes (300 - seconds). + description: |- + CooldownPeriod is the interval (in seconds) to wait after the last trigger reported active before + scaling the deployment down. Default is 5 minutes (300 seconds). format: int32 type: integer externalHPA: - description: ExternalHPA allows replicas on deployments - to be controlled by another resource, but will not be - allowed to fall under the minReplicas as set in the ClowdApp. + description: |- + ExternalHPA allows replicas on deployments to be controlled by another resource, but will + not be allowed to fall under the minReplicas as set in the ClowdApp. type: boolean fallback: description: Fallback is the spec for fallback options @@ -317,8 +300,9 @@ spec: - replicas type: object maxReplicaCount: - description: MaxReplicaCount is the maximum number of replicas - the scaler will scale the deployment to. Default is 10. + description: |- + MaxReplicaCount is the maximum number of replicas the scaler will scale the deployment to. + Default is 10. format: int32 type: integer minReplicaCount: @@ -327,8 +311,9 @@ spec: format: int32 type: integer pollingInterval: - description: PollingInterval is the interval (in seconds) - to check each trigger on. Default is 30 seconds. + description: |- + PollingInterval is the interval (in seconds) to check each trigger on. + Default is 30 seconds. format: int32 type: integer triggers: @@ -337,9 +322,9 @@ spec: be used properties: authenticationRef: - description: ScaledObjectAuthRef points to the TriggerAuthentication - or ClusterTriggerAuthentication object that is used - to authenticate the scaler with the environment + description: |- + ScaledObjectAuthRef points to the TriggerAuthentication or ClusterTriggerAuthentication object that + is used to authenticate the scaler with the environment properties: kind: description: Kind of the resource being referred @@ -355,9 +340,9 @@ spec: type: string type: object metricType: - description: MetricTargetType specifies the type of - metric being targeted, and should be either "Value", - "AverageValue", or "Utilization" + description: |- + MetricTargetType specifies the type of metric being targeted, and should be either + "Value", "AverageValue", or "Utilization" type: string name: type: string @@ -370,9 +355,9 @@ spec: type: array type: object autoScalerSimple: - description: SimpleAutoScaler defines a simple HPA with scaling - for RAM and CPU by value and utilization thresholds, along - with replica count limits + description: |- + SimpleAutoScaler defines a simple HPA with scaling for RAM and CPU by + value and utilization thresholds, along with replica count limits properties: cpu: description: SimpleAutoScalerMetric defines a metric of @@ -412,14 +397,15 @@ spec: - replicas type: object deploymentStrategy: - description: DeploymentStrategy allows the deployment strategy - to be set only if the deployment has no public service enabled + description: |- + DeploymentStrategy allows the deployment strategy to be set only if the + deployment has no public service enabled properties: privateStrategy: - description: PrivateStrategy allows a deployment that only - uses a private port to set the deployment strategy one - of Recreate or Rolling, default for a private service - is Recreate. This is to enable a quicker roll out for + description: |- + PrivateStrategy allows a deployment that only uses a private port to set + the deployment strategy one of Recreate or Rolling, default for a + private service is Recreate. This is to enable a quicker roll out for services that do not have public facing endpoints. type: string type: object @@ -440,16 +426,17 @@ spec: type: object type: object minReplicas: - description: 'Deprecated: Use Replicas instead If Replicas is - not set and MinReplicas is set, then MinReplicas will be used' + description: |- + Deprecated: Use Replicas instead + If Replicas is not set and MinReplicas is set, then MinReplicas will be used format: int32 type: integer name: - description: Name defines the identifier of a Pod inside the - ClowdApp. This name will be used along side the name of the - ClowdApp itself to form a - pattern which will be - used for all other created resources and also for some labels. - It must be unique within a ClowdApp. + description: |- + Name defines the identifier of a Pod inside the ClowdApp. This name will + be used along side the name of the ClowdApp itself to form a - + pattern which will be used for all other created resources and also for + some labels. It must be unique within a ClowdApp. type: string podSpec: description: PodSpec defines a container running inside a ClowdApp. @@ -477,17 +464,16 @@ spec: be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". Escaped - references will never be expanded, regardless of - whether the variable exists or not. Defaults to - "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's @@ -500,10 +486,13 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the ConfigMap @@ -512,12 +501,11 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -530,12 +518,11 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for @@ -555,6 +542,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -564,10 +552,13 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the Secret or @@ -576,6 +567,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -589,10 +581,10 @@ spec: description: A list of init containers used to perform at-startup operations. items: - description: InitContainer is a struct defining a k8s - init container. This will be deployed along with the - parent pod and is used to carry out one time initialization - procedures. + description: |- + InitContainer is a struct defining a k8s init container. This will be + deployed along with the parent pod and is used to carry out one time + initialization procedures. properties: args: description: A list of args to be passed to the init @@ -618,18 +610,16 @@ spec: Must be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and - any service environment variables. If a variable - cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the - $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, - regardless of whether the variable exists - or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's @@ -642,10 +632,13 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: Specify whether the ConfigMap @@ -654,12 +647,11 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the @@ -673,12 +665,11 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, - requests.cpu, requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required @@ -700,6 +691,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -710,10 +702,13 @@ spec: key. type: string name: - description: 'Name of the referent. + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: Specify whether the Secret @@ -722,19 +717,21 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array image: - description: Image refers to the container image used - to create the init container (if different from - the primary pod image). + description: |- + Image refers to the container image used to create the init container + (if different from the primary pod image). type: string inheritEnv: - description: If true, inheirts the environment variables - from the parent pod. specification + description: |- + If true, inheirts the environment variables from the parent pod. + specification type: boolean name: description: Name gives an identifier in the situation @@ -747,37 +744,35 @@ spec: standard k8s format properties: postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according to - its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -787,10 +782,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -800,6 +794,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -807,13 +802,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -831,11 +828,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect @@ -845,53 +841,50 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before a - container is terminated due to an API request or management - event such as liveness/startup probe failure, preemption, - resource contention, etc. The handler is not called - if the container crashes or exits. The Pod''s termination - grace period countdown begins before the PreStop hook - is executed. Regardless of the outcome of the handler, - the container will eventually terminate within the - Pod''s termination grace period (unless delayed by - finalizers). Other management of the container blocks - until the hook completes or until the termination - grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -901,10 +894,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -914,6 +906,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -921,13 +914,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -945,11 +940,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect @@ -959,9 +953,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -969,32 +964,31 @@ spec: type: object type: object livenessProbe: - description: A pass-through of a Liveness Probe specification - in standard k8s format. If omitted, a standard probe will - be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: |- + A pass-through of a Liveness Probe specification in standard k8s format. + If omitted, a standard probe will be setup point to the webPort defined + in the ClowdEnvironment and a path of /healthz. Ignored if Web is set to + false. properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -1007,10 +1001,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + default: "" + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -1019,9 +1015,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -1031,9 +1027,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1043,6 +1039,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1050,33 +1047,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -1091,35 +1090,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -1137,32 +1134,31 @@ spec: type: object type: object readinessProbe: - description: A pass-through of a Readiness Probe specification - in standard k8s format. If omitted, a standard probe will - be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: |- + A pass-through of a Readiness Probe specification in standard k8s format. + If omitted, a standard probe will be setup point to the webPort defined + in the ClowdEnvironment and a path of /healthz. Ignored if Web is set to + false. properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -1175,10 +1171,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + default: "" + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -1187,9 +1185,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -1199,9 +1197,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1211,6 +1209,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1218,33 +1217,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -1259,60 +1260,67 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object resources: - description: A pass-through of a resource requirements in - k8s ResourceRequirements format. If omitted, the default - resource requirements from the ClowdEnvironment will be - used. + description: |- + A pass-through of a resource requirements in k8s ResourceRequirements + format. If omitted, the default resource requirements from the + ClowdEnvironment will be used. properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable. It can only be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where - this field is used. It makes that resource available + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -1327,8 +1335,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of - compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -1337,11 +1346,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object sidecars: @@ -1363,8 +1372,9 @@ spec: type: object type: array terminationGracePeriodSeconds: - description: A pass-through of TerminationGracePeriodSeconds - specification in standard k8s format default is 30 seconds + description: |- + A pass-through of TerminationGracePeriodSeconds specification in standard k8s format + default is 30 seconds format: int64 type: integer volumeMounts: @@ -1375,34 +1385,57 @@ spec: within a container. properties: mountPath: - description: Path within the container at which the - volume should be mounted. Must not contain ':'. + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. type: string mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and the - other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults to - "" (volume's root). + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable - references $(VAR_NAME) are expanded using the container's - environment. Defaults to "" (volume's root). SubPathExpr - and SubPath are mutually exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -1417,40 +1450,35 @@ spec: that may be accessed by any container in the pod. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + awsElasticBlockStore represents an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + readOnly value true will force the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: string required: - volumeID @@ -1472,10 +1500,11 @@ spec: the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. + default: ext4 + description: |- + fsType is Filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string kind: description: 'kind expected values are Shared: @@ -1485,9 +1514,10 @@ spec: set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + default: false + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean required: - diskName @@ -1498,9 +1528,9 @@ spec: mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretName: description: secretName is the name of secret @@ -1519,78 +1549,91 @@ spec: the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + monitors is Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + user is optional: User is the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' + description: |- + secretRef is optional: points to a secret object containing parameters used to connect + to OpenStack. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: string required: - volumeID @@ -1600,31 +1643,25 @@ spec: should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + defaultMode is optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -1633,87 +1670,89 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object + x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. + description: |- + driver is the name of the CSI driver that handles this volume. + Consult with your admin for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. + description: |- + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated CSI driver + which will determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI + description: |- + nodePublishSecretRef is a reference to the secret object containing + sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. + This field is optional, and may be empty if no secret is required. If the + secret object contains more than one secret, all secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). + description: |- + readOnly specifies a read-only configuration for the volume. + Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. + description: |- + volumeAttributes stores driver-specific properties that are passed to the CSI + driver. Consult your driver's documentation for supported values. type: object required: - driver @@ -1723,18 +1762,15 @@ spec: the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + Optional: mode bits to use on created files by default. Must be a + Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: @@ -1748,7 +1784,7 @@ spec: fieldRef: description: 'Required: Selects a field of the pod: only annotations, labels, - name and namespace are supported.' + name, namespace and uid are supported.' properties: apiVersion: description: Version of the schema the @@ -1762,18 +1798,15 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: @@ -1785,10 +1818,9 @@ spec: with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: description: 'Container name: required @@ -1810,130 +1842,127 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + emptyDir represents a temporary directory that shares a pod's lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." + description: |- + ephemeral represents a volume that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + and deleted when the pod is removed. + + Use this if: + a) the volume is only needed while the pod runs, + b) features of normal volumes like restoring from snapshot or capacity + tracking are needed, + c) the storage driver is specified through a storage class, and + d) the storage driver supports dynamic volume provisioning through + a PersistentVolumeClaim (see EphemeralVolumeSource for more + information on the connection between this volume type + and PersistentVolumeClaim). + + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. + + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + be used that way - see the documentation of the driver for + more information. + + A pod can use both types of ephemeral volumes and + persistent volumes at the same time. properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." + description: |- + Will be used to create a stand-alone PVC to provision the volume. + The pod in which this EphemeralVolumeSource is embedded will be the + owner of the PVC, i.e. the PVC will be deleted together with the + pod. The name of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated name + is not valid for a PVC (for example, too long). + + An existing PVC with that name that is not owned by the pod + will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. + + This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. + + Required, must not be nil. properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. + description: |- + May contain labels and annotations that will be copied into the PVC + when creating it. No other fields are allowed and will be rejected during + validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim + description: |- + The specification for the PersistentVolumeClaim. The entire content is + copied unchanged into the PVC that gets created from this + template. The same fields as in a PersistentVolumeClaim are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 items: type: string type: array + x-kubernetes-list-type: atomic dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource @@ -1947,53 +1976,38 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource @@ -2004,32 +2018,22 @@ spec: being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources properties: limits: additionalProperties: @@ -2038,9 +2042,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -2049,14 +2053,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: @@ -2068,10 +2069,9 @@ spec: list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -2079,81 +2079,60 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 type: string volumeAttributesClassName: - description: 'volumeAttributesClassName - may be used to set the VolumeAttributesClass - used by this claim. If specified, the - CSI driver will create or update the - volume with the attributes defined in - the corresponding VolumeAttributesClass. - This has a different purpose than storageClassName, - it can be changed after the claim is - created. An empty string value means - that no VolumeAttributesClass will be - applied to the claim but it''s not allowed - to reset this field to empty string - once it is set. If unspecified and the - PersistentVolumeClaim is unbound, the - default VolumeAttributesClass will be - set by the persistentvolume controller - if it exists. If the resource referred - to by volumeAttributesClass does not - exist, this PersistentVolumeClaim will - be set to a Pending state, as reflected - by the modifyVolumeStatus field, until - such as a resource exists. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires the - VolumeAttributesClass feature gate to - be enabled.' + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding @@ -2171,21 +2150,19 @@ spec: then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string lun: description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target @@ -2193,30 +2170,30 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' + description: |- + wwids Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. + description: |- + flexVolume represents a generic volume resource that is + provisioned/attached using an exec based plugin. properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. type: string options: additionalProperties: @@ -2225,26 +2202,29 @@ spec: holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' + description: |- + readOnly is Optional: defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' + description: |- + secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin scripts. This may be + empty if no secret object is specified. If the secret object + contains more than one secret, all secrets are passed to the plugin + scripts. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -2254,9 +2234,9 @@ spec: Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated + description: |- + datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + should be considered as deprecated type: string datasetUUID: description: datasetUUID is the UUID of the dataset. @@ -2264,57 +2244,53 @@ spec: type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + gcePersistentDisk represents a GCE Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. + description: |- + fsType is filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' + description: |- + gitRepo represents a git repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + into the Pod's container. properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in + description: |- + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. type: string repository: @@ -2328,54 +2304,93 @@ spec: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' + description: |- + glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + endpoints is the endpoint name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' + description: |- + hostPath represents a pre-existing file or directory on the host + machine that is directly exposed to the container. This is generally + used for system agents or other privileged things that are allowed + to see the host machine. Most containers will NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + path of the directory on the host. + If the path is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + type for HostPath Volume + Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string required: - path type: object + image: + description: |- + image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + The volume is resolved at pod startup depending on which PullPolicy value is provided: + + - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + + The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + The volume will be mounted read-only (ro) and non-executable files (noexec). + Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + properties: + pullPolicy: + description: |- + Policy for pulling OCI objects. Possible values are: + Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + type: string + reference: + description: |- + Required: Image or artifact reference to be used. + Behaves in the same way as pod.spec.containers[*].image. + Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + description: |- + iscsi represents an ISCSI Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether @@ -2386,63 +2401,64 @@ spec: iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. + description: |- + initiatorName is the custom iSCSI Initiator Name. + If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + : will be created for the connection. type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). + default: default + description: |- + iscsiInterface is the interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). type: string lun: description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + description: |- + portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). + description: |- + targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). type: string required: - iqn @@ -2450,43 +2466,51 @@ spec: - targetPortal type: object name: - description: 'name of the volume. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + name of the volume. + Must be a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + nfs represents an NFS mount on the host that shares a pod's lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + readOnly here will force the NFS export to be mounted with read-only permissions. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + server is the hostname or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + persistentVolumeClaimVolumeSource represents a reference to a + PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. + description: |- + readOnly Will force the ReadOnly setting in VolumeMounts. + Default false. type: boolean required: - claimName @@ -2497,11 +2521,10 @@ spec: host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string pdID: description: pdID is the ID that identifies Photon @@ -2515,15 +2538,15 @@ spec: volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. + description: |- + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean volumeID: description: volumeID uniquely identifies a Portworx @@ -2537,60 +2560,55 @@ spec: secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. + description: |- + defaultMode are the mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections + description: |- + sources is the list of volume projections. Each entry in this list + handles one source. items: - description: Projection that may be projected - along with other supported volume types + description: |- + Projection that may be projected along with other supported volume types. + Exactly one of these fields must be set. properties: clusterTrustBundle: - description: "ClusterTrustBundle allows - a pod to access the `.spec.trustBundle` - field of ClusterTrustBundle objects in - an auto-updating file. \n Alpha, gated - by the ClusterTrustBundleProjection feature - gate. \n ClusterTrustBundle objects can - either be selected by name, or by the - combination of signer name and a label - selector. \n Kubelet performs aggressive - normalization of the PEM contents written - into the pod filesystem. Esoteric PEM - features such as inter-block comments - and block headers are stripped. Certificates - are deduplicated. The ordering of certificates - within the file is arbitrary, and Kubelet - may change the order over time." + description: |- + ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + of ClusterTrustBundle objects in an auto-updating file. + + Alpha, gated by the ClusterTrustBundleProjection feature gate. + + ClusterTrustBundle objects can either be selected by name, or by the + combination of signer name and a label selector. + + Kubelet performs aggressive normalization of the PEM contents written + into the pod filesystem. Esoteric PEM features such as inter-block + comments and block headers are stripped. Certificates are deduplicated. + The ordering of certificates within the file is arbitrary, and Kubelet + may change the order over time. properties: labelSelector: - description: Select all ClusterTrustBundles - that match this label selector. Only - has effect if signerName is set. Mutually-exclusive - with name. If unset, interpreted - as "match nothing". If set but empty, - interpreted as "match everything". + description: |- + Select all ClusterTrustBundles that match this label selector. Only has + effect if signerName is set. Mutually-exclusive with name. If unset, + interpreted as "match nothing". If set but empty, interpreted as "match + everything". properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -2598,70 +2616,58 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle - by object name. Mutually-exclusive + description: |- + Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. type: string optional: - description: If true, don't block pod - startup if the referenced ClusterTrustBundle(s) - aren't available. If using name, - then the named ClusterTrustBundle - is allowed not to exist. If using - signerName, then the combination of - signerName and labelSelector is allowed - to match zero ClusterTrustBundles. + description: |- + If true, don't block pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, then the named ClusterTrustBundle is + allowed not to exist. If using signerName, then the combination of + signerName and labelSelector is allowed to match zero + ClusterTrustBundles. type: boolean path: description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles - that match this signer name. Mutually-exclusive - with name. The contents of all selected - ClusterTrustBundles will be unified - and deduplicated. + description: |- + Select all ClusterTrustBundles that match this signer name. + Mutually-exclusive with name. The contents of all selected + ClusterTrustBundles will be unified and deduplicated. type: string required: - path @@ -2671,20 +2677,14 @@ spec: the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -2694,41 +2694,36 @@ spec: project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: optional specify whether @@ -2736,6 +2731,7 @@ spec: defined type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: description: downwardAPI information about the downwardAPI data to project @@ -2751,8 +2747,8 @@ spec: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace are - supported.' + labels, name, namespace and + uid are supported.' properties: apiVersion: description: Version of the @@ -2768,21 +2764,15 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: @@ -2795,12 +2785,9 @@ spec: not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: description: 'Container name: @@ -2823,30 +2810,26 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -2856,41 +2839,36 @@ spec: project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: optional field specify @@ -2898,73 +2876,70 @@ spec: be defined type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. + description: |- + audience is the intended audience of the token. A recipient of a token + must identify itself with an identifier specified in the audience of the + token, and otherwise should reject the token. The audience defaults to the + identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. + description: |- + expirationSeconds is the requested duration of validity of the service + account token. As the token approaches expiration, the kubelet volume + plugin will proactively rotate the service account token. The kubelet will + start trying to rotate the token if the token is older than 80 percent of + its time to live or if the token is older than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. + description: |- + path is the path relative to the mount point of the file to project the + token into. type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group + description: |- + group to map volume access to + Default is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. + description: |- + readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes + description: |- + registry represents a single or multiple Quobyte Registry services + specified as a string as host:port pair (multiple entries are separated with commas) + which acts as the central registry for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin + description: |- + tenant owning the given Quobyte volume in the Backend + Used with dynamically provisioned Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user + description: |- + user to map volume access to + Defaults to serivceaccount user type: string volume: description: volume is a string that references @@ -2975,59 +2950,74 @@ spec: - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' + description: |- + rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: /etc/ceph/keyring + description: |- + keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: rbd + description: |- + pool is the rados pool name. + Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + secretRef is name of the authentication secret for RBDUser. If provided + overrides keyring. + Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: admin + description: |- + user is the rados user name. + Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string required: - image @@ -3038,10 +3028,12 @@ spec: volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". + default: xfs + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". + Default is "xfs". type: string gateway: description: gateway is the host address of the @@ -3053,31 +3045,35 @@ spec: storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. + description: |- + secretRef references to the secret for ScaleIO user and other + sensitive information. If this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic sslEnabled: description: sslEnabled Flag enable/disable SSL communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. + default: ThinProvisioned + description: |- + storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. type: string storagePool: description: storagePool is the ScaleIO Storage @@ -3088,9 +3084,9 @@ spec: system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. + description: |- + volumeName is the name of a volume already created in the ScaleIO system + that is associated with this volume source. type: string required: - gateway @@ -3098,35 +3094,30 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + secret represents a secret that should populate this volume. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + defaultMode is Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. + description: |- + items If unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -3135,38 +3126,36 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + secretName is the name of the secret in the pod's namespace to use. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret type: string type: object storageos: @@ -3174,45 +3163,45 @@ spec: attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. + description: |- + secretRef specifies the secret to use for obtaining the StorageOS API + credentials. If not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. + description: |- + volumeName is the human-readable name of the StorageOS volume. Volume + names are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. + description: |- + volumeNamespace specifies the scope of the volume within StorageOS. If no + namespace is specified then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default behaviour. + Set to "default" if you are not using namespaces within StorageOS. + Namespaces that do not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: @@ -3220,10 +3209,10 @@ spec: attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. + description: |- + fsType is filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: description: storagePolicyID is the storage Policy @@ -3251,24 +3240,26 @@ spec: format: int32 type: integer web: - description: If set to true, creates a service on the webPort - defined in the ClowdEnvironment resource, along with the relevant - liveness and readiness probes. + description: |- + If set to true, creates a service on the webPort defined in + the ClowdEnvironment resource, along with the relevant liveness and + readiness probes. type: boolean webServices: - description: 'WebServices defines the structs for the three - exposed web services: public, private and metrics.' + description: |- + WebServices defines the structs for the three exposed web services: public, + private and metrics. properties: metrics: - description: MetricsWebService is the definition of the - metrics web service. This is automatically enabled and - the configuration here at the moment is included for completeness, - as there are no configurable options. + description: |- + MetricsWebService is the definition of the metrics web service. This is automatically + enabled and the configuration here at the moment is included for completeness, as there + are no configurable options. type: object private: - description: PrivateWebService is the definition of the - private web service. There can be only one private service - managed by Clowder. + description: |- + PrivateWebService is the definition of the private web service. There can be only + one private service managed by Clowder. properties: appProtocol: description: AppProtocol determines the protocol to @@ -3286,15 +3277,15 @@ spec: - redis type: string enabled: - description: Enabled describes if Clowder should enable - the private service and provide the configuration - in the cdappconfig. + description: |- + Enabled describes if Clowder should enable the private service and provide the + configuration in the cdappconfig. type: boolean type: object public: - description: PublicWebService is the definition of the public - web service. There can be only one public service managed - by Clowder. + description: |- + PublicWebService is the definition of the public web service. There can be only + one public service managed by Clowder. properties: apiPath: description: (DEPRECATED, use apiPaths instead) Configures @@ -3313,9 +3304,9 @@ spec: type: string type: array enabled: - description: Enabled describes if Clowder should enable - the public service and provide the configuration in - the cdappconfig. + description: |- + Enabled describes if Clowder should enable the public service and provide the + configuration in the cdappconfig. type: boolean sessionAffinity: description: Set SessionAffinity to true to enable sticky @@ -3338,31 +3329,36 @@ spec: description: Disabled turns off reconciliation for this ClowdApp type: boolean envName: - description: The name of the ClowdEnvironment resource that this ClowdApp - will use as its base. This does not mean that the ClowdApp needs - to be placed in the same directory as the targetNamespace of the - ClowdEnvironment. + description: |- + The name of the ClowdEnvironment resource that this ClowdApp will use as + its base. This does not mean that the ClowdApp needs to be placed in the + same directory as the targetNamespace of the ClowdEnvironment. type: string featureFlags: - description: If featureFlags is set to true, Clowder will pass configuration - of a FeatureFlags instance to the pods in the ClowdApp. This single + description: |- + If featureFlags is set to true, Clowder will pass configuration of a + FeatureFlags instance to the pods in the ClowdApp. This single instance will be shared between all apps. type: boolean inMemoryDb: - description: If inMemoryDb is set to true, Clowder will pass configuration + description: |- + If inMemoryDb is set to true, Clowder will pass configuration of an In Memory Database to the pods in the ClowdApp. This single instance will be shared between all apps. type: boolean jobs: description: A list of jobs items: - description: Job defines a ClowdJob A Job struct will deploy as - a CronJob if `schedule` is set and will deploy as a Job if it - is not set. Unsupported fields will be dropped from Jobs + description: |- + Job defines a ClowdJob + A Job struct will deploy as a CronJob if `schedule` is set + and will deploy as a Job if it is not set. Unsupported fields + will be dropped from Jobs properties: activeDeadlineSeconds: - description: 'The activeDeadlineSeconds for the Job or CronJob. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/' + description: |- + The activeDeadlineSeconds for the Job or CronJob. + More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/ format: int64 type: integer completions: @@ -3370,24 +3366,26 @@ spec: format: int32 type: integer concurrencyPolicy: - description: Defines the concurrency policy for the CronJob, - defaults to Allow Only applies to Cronjobs + description: |- + Defines the concurrency policy for the CronJob, defaults to Allow + Only applies to Cronjobs type: string disabled: - description: Disabled allows a job to be disabled, as such, - the resource is not created on the system and cannot be invoked - with a CJI + description: |- + Disabled allows a job to be disabled, as such, the resource is not + created on the system and cannot be invoked with a CJI type: boolean failedJobsHistoryLimit: - description: The number of failed finished jobs to retain. Value - must be non-negative integer. Defaults to 1. Only applies - to Cronjobs + description: |- + The number of failed finished jobs to retain. Value must be non-negative integer. + Defaults to 1. + Only applies to Cronjobs format: int32 type: integer name: - description: Name defines identifier of the Job. This name will - be used to name the CronJob resource, the container will be - name identically. + description: |- + Name defines identifier of the Job. This name will be used to name the + CronJob resource, the container will be name identically. type: string parallelism: description: Defines the parallelism of the job @@ -3420,17 +3418,16 @@ spec: be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". Escaped - references will never be expanded, regardless of - whether the variable exists or not. Defaults to - "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's @@ -3443,10 +3440,13 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the ConfigMap @@ -3455,12 +3455,11 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -3473,12 +3472,11 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for @@ -3498,6 +3496,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -3507,10 +3506,13 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the Secret or @@ -3519,6 +3521,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -3532,10 +3535,10 @@ spec: description: A list of init containers used to perform at-startup operations. items: - description: InitContainer is a struct defining a k8s - init container. This will be deployed along with the - parent pod and is used to carry out one time initialization - procedures. + description: |- + InitContainer is a struct defining a k8s init container. This will be + deployed along with the parent pod and is used to carry out one time + initialization procedures. properties: args: description: A list of args to be passed to the init @@ -3561,18 +3564,16 @@ spec: Must be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and - any service environment variables. If a variable - cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the - $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, - regardless of whether the variable exists - or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's @@ -3585,10 +3586,13 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: Specify whether the ConfigMap @@ -3597,12 +3601,11 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the @@ -3616,12 +3619,11 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, - requests.cpu, requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required @@ -3643,6 +3645,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -3653,10 +3656,13 @@ spec: key. type: string name: - description: 'Name of the referent. + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: Specify whether the Secret @@ -3665,19 +3671,21 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array image: - description: Image refers to the container image used - to create the init container (if different from - the primary pod image). + description: |- + Image refers to the container image used to create the init container + (if different from the primary pod image). type: string inheritEnv: - description: If true, inheirts the environment variables - from the parent pod. specification + description: |- + If true, inheirts the environment variables from the parent pod. + specification type: boolean name: description: Name gives an identifier in the situation @@ -3690,37 +3698,35 @@ spec: standard k8s format properties: postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according to - its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -3730,10 +3736,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3743,6 +3748,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3750,13 +3756,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -3774,11 +3782,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect @@ -3788,53 +3795,50 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before a - container is terminated due to an API request or management - event such as liveness/startup probe failure, preemption, - resource contention, etc. The handler is not called - if the container crashes or exits. The Pod''s termination - grace period countdown begins before the PreStop hook - is executed. Regardless of the outcome of the handler, - the container will eventually terminate within the - Pod''s termination grace period (unless delayed by - finalizers). Other management of the container blocks - until the hook completes or until the termination - grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -3844,10 +3848,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3857,6 +3860,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3864,13 +3868,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -3888,11 +3894,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect @@ -3902,9 +3907,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -3912,32 +3918,31 @@ spec: type: object type: object livenessProbe: - description: A pass-through of a Liveness Probe specification - in standard k8s format. If omitted, a standard probe will - be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: |- + A pass-through of a Liveness Probe specification in standard k8s format. + If omitted, a standard probe will be setup point to the webPort defined + in the ClowdEnvironment and a path of /healthz. Ignored if Web is set to + false. properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3950,10 +3955,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + default: "" + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -3962,9 +3969,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -3974,9 +3981,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3986,6 +3993,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3993,33 +4001,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -4034,35 +4044,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -4080,32 +4088,31 @@ spec: type: object type: object readinessProbe: - description: A pass-through of a Readiness Probe specification - in standard k8s format. If omitted, a standard probe will - be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: |- + A pass-through of a Readiness Probe specification in standard k8s format. + If omitted, a standard probe will be setup point to the webPort defined + in the ClowdEnvironment and a path of /healthz. Ignored if Web is set to + false. properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -4118,10 +4125,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + default: "" + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -4130,9 +4139,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -4142,9 +4151,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -4154,6 +4163,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4161,33 +4171,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum - value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -4202,60 +4214,67 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. If this value is nil, - the pod's terminationGracePeriodSeconds will be used. - Otherwise, this value overrides the value provided - by the pod spec. Value must be non-negative integer. - The value zero indicates stop immediately via the - kill signal (no opportunity to shut down). This is - a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object resources: - description: A pass-through of a resource requirements in - k8s ResourceRequirements format. If omitted, the default - resource requirements from the ClowdEnvironment will be - used. + description: |- + A pass-through of a resource requirements in k8s ResourceRequirements + format. If omitted, the default resource requirements from the + ClowdEnvironment will be used. properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable. It can only be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where - this field is used. It makes that resource available + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -4270,8 +4289,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of - compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -4280,11 +4300,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object sidecars: @@ -4306,8 +4326,9 @@ spec: type: object type: array terminationGracePeriodSeconds: - description: A pass-through of TerminationGracePeriodSeconds - specification in standard k8s format default is 30 seconds + description: |- + A pass-through of TerminationGracePeriodSeconds specification in standard k8s format + default is 30 seconds format: int64 type: integer volumeMounts: @@ -4318,34 +4339,57 @@ spec: within a container. properties: mountPath: - description: Path within the container at which the - volume should be mounted. Must not contain ':'. + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. type: string mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and the - other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults to - "" (volume's root). + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable - references $(VAR_NAME) are expanded using the container's - environment. Defaults to "" (volume's root). SubPathExpr - and SubPath are mutually exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -4360,40 +4404,35 @@ spec: that may be accessed by any container in the pod. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + awsElasticBlockStore represents an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + readOnly value true will force the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: string required: - volumeID @@ -4415,10 +4454,11 @@ spec: the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. + default: ext4 + description: |- + fsType is Filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string kind: description: 'kind expected values are Shared: @@ -4428,9 +4468,10 @@ spec: set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + default: false + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean required: - diskName @@ -4441,9 +4482,9 @@ spec: mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretName: description: secretName is the name of secret @@ -4462,78 +4503,91 @@ spec: the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + monitors is Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + user is optional: User is the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' + description: |- + secretRef is optional: points to a secret object containing parameters used to connect + to OpenStack. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: string required: - volumeID @@ -4543,31 +4597,25 @@ spec: should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + defaultMode is optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -4576,87 +4624,89 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object + x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. + description: |- + driver is the name of the CSI driver that handles this volume. + Consult with your admin for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. + description: |- + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated CSI driver + which will determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI + description: |- + nodePublishSecretRef is a reference to the secret object containing + sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. + This field is optional, and may be empty if no secret is required. If the + secret object contains more than one secret, all secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). + description: |- + readOnly specifies a read-only configuration for the volume. + Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. + description: |- + volumeAttributes stores driver-specific properties that are passed to the CSI + driver. Consult your driver's documentation for supported values. type: object required: - driver @@ -4666,18 +4716,15 @@ spec: the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + Optional: mode bits to use on created files by default. Must be a + Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: @@ -4691,7 +4738,7 @@ spec: fieldRef: description: 'Required: Selects a field of the pod: only annotations, labels, - name and namespace are supported.' + name, namespace and uid are supported.' properties: apiVersion: description: Version of the schema the @@ -4705,18 +4752,15 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: @@ -4728,10 +4772,9 @@ spec: with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: description: 'Container name: required @@ -4753,130 +4796,127 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + emptyDir represents a temporary directory that shares a pod's lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." + description: |- + ephemeral represents a volume that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + and deleted when the pod is removed. + + Use this if: + a) the volume is only needed while the pod runs, + b) features of normal volumes like restoring from snapshot or capacity + tracking are needed, + c) the storage driver is specified through a storage class, and + d) the storage driver supports dynamic volume provisioning through + a PersistentVolumeClaim (see EphemeralVolumeSource for more + information on the connection between this volume type + and PersistentVolumeClaim). + + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. + + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + be used that way - see the documentation of the driver for + more information. + + A pod can use both types of ephemeral volumes and + persistent volumes at the same time. properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." + description: |- + Will be used to create a stand-alone PVC to provision the volume. + The pod in which this EphemeralVolumeSource is embedded will be the + owner of the PVC, i.e. the PVC will be deleted together with the + pod. The name of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated name + is not valid for a PVC (for example, too long). + + An existing PVC with that name that is not owned by the pod + will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. + + This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. + + Required, must not be nil. properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. + description: |- + May contain labels and annotations that will be copied into the PVC + when creating it. No other fields are allowed and will be rejected during + validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim + description: |- + The specification for the PersistentVolumeClaim. The entire content is + copied unchanged into the PVC that gets created from this + template. The same fields as in a PersistentVolumeClaim are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 items: type: string type: array + x-kubernetes-list-type: atomic dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource @@ -4890,53 +4930,38 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource @@ -4947,32 +4972,22 @@ spec: being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources properties: limits: additionalProperties: @@ -4981,9 +4996,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -4992,14 +5007,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: @@ -5011,10 +5023,9 @@ spec: list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -5022,81 +5033,60 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 type: string volumeAttributesClassName: - description: 'volumeAttributesClassName - may be used to set the VolumeAttributesClass - used by this claim. If specified, the - CSI driver will create or update the - volume with the attributes defined in - the corresponding VolumeAttributesClass. - This has a different purpose than storageClassName, - it can be changed after the claim is - created. An empty string value means - that no VolumeAttributesClass will be - applied to the claim but it''s not allowed - to reset this field to empty string - once it is set. If unspecified and the - PersistentVolumeClaim is unbound, the - default VolumeAttributesClass will be - set by the persistentvolume controller - if it exists. If the resource referred - to by volumeAttributesClass does not - exist, this PersistentVolumeClaim will - be set to a Pending state, as reflected - by the modifyVolumeStatus field, until - such as a resource exists. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires the - VolumeAttributesClass feature gate to - be enabled.' + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding @@ -5114,21 +5104,19 @@ spec: then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string lun: description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target @@ -5136,30 +5124,30 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' + description: |- + wwids Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. + description: |- + flexVolume represents a generic volume resource that is + provisioned/attached using an exec based plugin. properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. type: string options: additionalProperties: @@ -5168,26 +5156,29 @@ spec: holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' + description: |- + readOnly is Optional: defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' + description: |- + secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin scripts. This may be + empty if no secret object is specified. If the secret object + contains more than one secret, all secrets are passed to the plugin + scripts. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -5197,9 +5188,9 @@ spec: Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated + description: |- + datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + should be considered as deprecated type: string datasetUUID: description: datasetUUID is the UUID of the dataset. @@ -5207,57 +5198,53 @@ spec: type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + gcePersistentDisk represents a GCE Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. + description: |- + fsType is filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' + description: |- + gitRepo represents a git repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + into the Pod's container. properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in + description: |- + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. type: string repository: @@ -5271,54 +5258,93 @@ spec: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' + description: |- + glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + endpoints is the endpoint name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' + description: |- + hostPath represents a pre-existing file or directory on the host + machine that is directly exposed to the container. This is generally + used for system agents or other privileged things that are allowed + to see the host machine. Most containers will NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + path of the directory on the host. + If the path is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + type for HostPath Volume + Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string required: - path type: object + image: + description: |- + image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + The volume is resolved at pod startup depending on which PullPolicy value is provided: + + - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + + The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + The volume will be mounted read-only (ro) and non-executable files (noexec). + Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + properties: + pullPolicy: + description: |- + Policy for pulling OCI objects. Possible values are: + Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + type: string + reference: + description: |- + Required: Image or artifact reference to be used. + Behaves in the same way as pod.spec.containers[*].image. + Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + description: |- + iscsi represents an ISCSI Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether @@ -5329,63 +5355,64 @@ spec: iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. + description: |- + initiatorName is the custom iSCSI Initiator Name. + If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + : will be created for the connection. type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). + default: default + description: |- + iscsiInterface is the interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). type: string lun: description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + description: |- + portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). + description: |- + targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). type: string required: - iqn @@ -5393,43 +5420,51 @@ spec: - targetPortal type: object name: - description: 'name of the volume. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + name of the volume. + Must be a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + nfs represents an NFS mount on the host that shares a pod's lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + readOnly here will force the NFS export to be mounted with read-only permissions. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + server is the hostname or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + persistentVolumeClaimVolumeSource represents a reference to a + PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. + description: |- + readOnly Will force the ReadOnly setting in VolumeMounts. + Default false. type: boolean required: - claimName @@ -5440,11 +5475,10 @@ spec: host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string pdID: description: pdID is the ID that identifies Photon @@ -5458,15 +5492,15 @@ spec: volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. + description: |- + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean volumeID: description: volumeID uniquely identifies a Portworx @@ -5480,60 +5514,55 @@ spec: secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. + description: |- + defaultMode are the mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections + description: |- + sources is the list of volume projections. Each entry in this list + handles one source. items: - description: Projection that may be projected - along with other supported volume types + description: |- + Projection that may be projected along with other supported volume types. + Exactly one of these fields must be set. properties: clusterTrustBundle: - description: "ClusterTrustBundle allows - a pod to access the `.spec.trustBundle` - field of ClusterTrustBundle objects in - an auto-updating file. \n Alpha, gated - by the ClusterTrustBundleProjection feature - gate. \n ClusterTrustBundle objects can - either be selected by name, or by the - combination of signer name and a label - selector. \n Kubelet performs aggressive - normalization of the PEM contents written - into the pod filesystem. Esoteric PEM - features such as inter-block comments - and block headers are stripped. Certificates - are deduplicated. The ordering of certificates - within the file is arbitrary, and Kubelet - may change the order over time." + description: |- + ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + of ClusterTrustBundle objects in an auto-updating file. + + Alpha, gated by the ClusterTrustBundleProjection feature gate. + + ClusterTrustBundle objects can either be selected by name, or by the + combination of signer name and a label selector. + + Kubelet performs aggressive normalization of the PEM contents written + into the pod filesystem. Esoteric PEM features such as inter-block + comments and block headers are stripped. Certificates are deduplicated. + The ordering of certificates within the file is arbitrary, and Kubelet + may change the order over time. properties: labelSelector: - description: Select all ClusterTrustBundles - that match this label selector. Only - has effect if signerName is set. Mutually-exclusive - with name. If unset, interpreted - as "match nothing". If set but empty, - interpreted as "match everything". + description: |- + Select all ClusterTrustBundles that match this label selector. Only has + effect if signerName is set. Mutually-exclusive with name. If unset, + interpreted as "match nothing". If set but empty, interpreted as "match + everything". properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -5541,70 +5570,58 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle - by object name. Mutually-exclusive + description: |- + Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. type: string optional: - description: If true, don't block pod - startup if the referenced ClusterTrustBundle(s) - aren't available. If using name, - then the named ClusterTrustBundle - is allowed not to exist. If using - signerName, then the combination of - signerName and labelSelector is allowed - to match zero ClusterTrustBundles. + description: |- + If true, don't block pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, then the named ClusterTrustBundle is + allowed not to exist. If using signerName, then the combination of + signerName and labelSelector is allowed to match zero + ClusterTrustBundles. type: boolean path: description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles - that match this signer name. Mutually-exclusive - with name. The contents of all selected - ClusterTrustBundles will be unified - and deduplicated. + description: |- + Select all ClusterTrustBundles that match this signer name. + Mutually-exclusive with name. The contents of all selected + ClusterTrustBundles will be unified and deduplicated. type: string required: - path @@ -5614,20 +5631,14 @@ spec: the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -5637,41 +5648,36 @@ spec: project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: optional specify whether @@ -5679,6 +5685,7 @@ spec: defined type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: description: downwardAPI information about the downwardAPI data to project @@ -5694,8 +5701,8 @@ spec: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace are - supported.' + labels, name, namespace and + uid are supported.' properties: apiVersion: description: Version of the @@ -5711,21 +5718,15 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: @@ -5738,12 +5739,9 @@ spec: not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: description: 'Container name: @@ -5766,30 +5764,26 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -5799,41 +5793,36 @@ spec: project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: optional field specify @@ -5841,73 +5830,70 @@ spec: be defined type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. + description: |- + audience is the intended audience of the token. A recipient of a token + must identify itself with an identifier specified in the audience of the + token, and otherwise should reject the token. The audience defaults to the + identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. + description: |- + expirationSeconds is the requested duration of validity of the service + account token. As the token approaches expiration, the kubelet volume + plugin will proactively rotate the service account token. The kubelet will + start trying to rotate the token if the token is older than 80 percent of + its time to live or if the token is older than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. + description: |- + path is the path relative to the mount point of the file to project the + token into. type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group + description: |- + group to map volume access to + Default is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. + description: |- + readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes + description: |- + registry represents a single or multiple Quobyte Registry services + specified as a string as host:port pair (multiple entries are separated with commas) + which acts as the central registry for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin + description: |- + tenant owning the given Quobyte volume in the Backend + Used with dynamically provisioned Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user + description: |- + user to map volume access to + Defaults to serivceaccount user type: string volume: description: volume is a string that references @@ -5918,59 +5904,74 @@ spec: - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' + description: |- + rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: /etc/ceph/keyring + description: |- + keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: rbd + description: |- + pool is the rados pool name. + Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + secretRef is name of the authentication secret for RBDUser. If provided + overrides keyring. + Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: admin + description: |- + user is the rados user name. + Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string required: - image @@ -5981,10 +5982,12 @@ spec: volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". + default: xfs + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". + Default is "xfs". type: string gateway: description: gateway is the host address of the @@ -5996,31 +5999,35 @@ spec: storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. + description: |- + secretRef references to the secret for ScaleIO user and other + sensitive information. If this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic sslEnabled: description: sslEnabled Flag enable/disable SSL communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. + default: ThinProvisioned + description: |- + storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. type: string storagePool: description: storagePool is the ScaleIO Storage @@ -6031,9 +6038,9 @@ spec: system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. + description: |- + volumeName is the name of a volume already created in the ScaleIO system + that is associated with this volume source. type: string required: - gateway @@ -6041,35 +6048,30 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + secret represents a secret that should populate this volume. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + defaultMode is Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. + description: |- + items If unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -6078,38 +6080,36 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + secretName is the name of the secret in the pod's namespace to use. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret type: string type: object storageos: @@ -6117,45 +6117,45 @@ spec: attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. + description: |- + secretRef specifies the secret to use for obtaining the StorageOS API + credentials. If not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object + x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. + description: |- + volumeName is the human-readable name of the StorageOS volume. Volume + names are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. + description: |- + volumeNamespace specifies the scope of the volume within StorageOS. If no + namespace is specified then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default behaviour. + Set to "default" if you are not using namespaces within StorageOS. + Namespaces that do not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: @@ -6163,10 +6163,10 @@ spec: attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. + description: |- + fsType is filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: description: storagePolicyID is the storage Policy @@ -6201,15 +6201,17 @@ spec: format: int64 type: integer successfulJobsHistoryLimit: - description: The number of successful finished jobs to retain. - Value must be non-negative integer. Defaults to 3. Only applies - to Cronjobs + description: |- + The number of successful finished jobs to retain. Value must be non-negative integer. + Defaults to 3. + Only applies to Cronjobs format: int32 type: integer suspend: - description: This flag tells the controller to suspend subsequent - executions, it does not apply to already started executions. Defaults - to false. Only applies to Cronjobs + description: |- + This flag tells the controller to suspend subsequent executions, it does + not apply to already started executions. Defaults to false. + Only applies to Cronjobs type: boolean required: - name @@ -6217,8 +6219,9 @@ spec: type: object type: array kafkaTopics: - description: A list of Kafka topics that will be created and made - available to all the pods listed in the ClowdApp. + description: |- + A list of Kafka topics that will be created and made available to all + the pods listed in the ClowdApp. items: description: KafkaTopicSpec defines the desired state of KafkaTopic properties: @@ -6253,15 +6256,16 @@ spec: type: object type: array objectStore: - description: A list of string names defining storage buckets. In certain - modes, defined by the ClowdEnvironment, Clowder will create those - buckets. + description: |- + A list of string names defining storage buckets. In certain modes, + defined by the ClowdEnvironment, Clowder will create those buckets. items: type: string type: array optionalDependencies: - description: A list of optional dependencies in the form of the name - of the ClowdApps that will be added to the configuration when present. + description: |- + A list of optional dependencies in the form of the name of the ClowdApps that + will be added to the configuration when present. items: type: string type: array @@ -6285,37 +6289,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -6324,9 +6328,10 @@ spec: type: object type: array deployments: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file ClowdEnvironmentStatus defines the observed state of ClowdEnvironment' + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file + ClowdEnvironmentStatus defines the observed state of ClowdEnvironment properties: managedDeployments: format: int32 @@ -6348,9 +6353,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crd/bases/cloud.redhat.com_clowdenvironments.yaml b/config/crd/bases/cloud.redhat.com_clowdenvironments.yaml index 1f38f3bdd..ebb72b440 100644 --- a/config/crd/bases/cloud.redhat.com_clowdenvironments.yaml +++ b/config/crd/bases/cloud.redhat.com_clowdenvironments.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdenvironments.cloud.redhat.com spec: group: cloud.redhat.com @@ -36,14 +35,19 @@ spec: description: ClowdEnvironment is the Schema for the clowdenvironments API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,8 +58,9 @@ spec: description: Disabled turns off reconciliation for this ClowdEnv type: boolean providers: - description: A ProvidersConfig object, detailing the setup and configuration - of all the providers used in this ClowdEnvironment. + description: |- + A ProvidersConfig object, detailing the setup and configuration of all the + providers used in this ClowdEnvironment. properties: autoScaler: description: Defines the autoscaler configuration @@ -73,19 +78,17 @@ spec: Provider. properties: caBundleURL: - description: Indicates where Clowder will fetch the database - CA certificate bundle from. Currently only used in (*_app-interface_*) - mode. If none is specified, the AWS RDS combined CA bundle - is used. + description: |- + Indicates where Clowder will fetch the database CA certificate bundle from. Currently only used in + (*_app-interface_*) mode. If none is specified, the AWS RDS combined CA bundle is used. pattern: ^https?:\/\/.+$ type: string mode: - description: 'The mode of operation of the Clowder Database - Provider. Valid options are: (*_app-interface_*) where the - provider will pass through database credentials found in - the secret defined by the database name in the ClowdApp, - and (*_local_*) where the provider will spin up a local - instance of the database.' + description: |- + The mode of operation of the Clowder Database Provider. Valid options are: + (*_app-interface_*) where the provider will pass through database credentials + found in the secret defined by the database name in the ClowdApp, and (*_local_*) + where the provider will spin up a local instance of the database. enum: - shared - app-interface @@ -93,9 +96,9 @@ spec: - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to use - a PVC instead of emptyDir for its volumes. + description: |- + If using the (*_local_*) mode and PVC is set to true, this instructs the local + Database instance to use a PVC instead of emptyDir for its volumes. type: boolean required: - mode @@ -111,8 +114,9 @@ spec: Provider. properties: credentialRef: - description: Defines the secret containing the client access - token, only used for (*_app-interface_*) mode. + description: |- + Defines the secret containing the client access token, only used for (*_app-interface_*) + mode. properties: name: description: Name defines the Name of a resource. @@ -133,12 +137,15 @@ spec: properties: unleash: type: string + unleashEdge: + type: string type: object mode: - description: 'The mode of operation of the Clowder FeatureFlag - Provider. Valid options are: (*_app-interface_*) where the - provider will pass through credentials to the app configuration, - and (*_local_*) where a local Unleash instance will be created.' + description: |- + The mode of operation of the Clowder FeatureFlag Provider. Valid options are: + (*_app-interface_*) where the provider will pass through credentials + to the app configuration, and (*_local_*) where a local Unleash instance will + be created. enum: - local - app-interface @@ -149,21 +156,25 @@ spec: format: int32 type: integer pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to use - a PVC instead of emptyDir for its volumes. + description: |- + If using the (*_local_*) mode and PVC is set to true, this instructs the local + Database instance to use a PVC instead of emptyDir for its volumes. type: boolean type: object inMemoryDb: description: Defines the Configuration for the Clowder InMemoryDB Provider. properties: + image: + description: |- + This image is only used in the (*_redis_*) mode, as elsewhere it will try to + inspect for a secret for a hostname and credentials. + type: string mode: - description: 'The mode of operation of the Clowder InMemory - Provider. Valid options are: (*_redis_*) where a local Minio - instance will be created, and (*_elasticache_*) which will - search the namespace of the ClowdApp for a secret called - ''elasticache''' + description: |- + The mode of operation of the Clowder InMemory Provider. Valid options are: + (*_redis_*) where a local Minio instance will be created, and (*_elasticache_*) + which will search the namespace of the ClowdApp for a secret called 'elasticache' enum: - redis - app-interface @@ -171,9 +182,9 @@ spec: - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to use - a PVC instead of emptyDir for its volumes. + description: |- + If using the (*_local_*) mode and PVC is set to true, this instructs the local + Database instance to use a PVC instead of emptyDir for its volumes. type: boolean required: - mode @@ -191,9 +202,9 @@ spec: description: Config full options type: object deleteClaim: - description: Delete persistent volume claim if the Kafka - cluster is deleted Only applies when KafkaConfig.PVC - is set to 'true' + description: |- + Delete persistent volume claim if the Kafka cluster is deleted + Only applies when KafkaConfig.PVC is set to 'true' type: boolean forceTLS: description: Force TLS @@ -211,13 +222,14 @@ spec: description: -Xmx option to to the JVM. type: string gcLoggingEnabled: - description: Specifies whether the Garbage Collection - logging is enabled. The default is false. + description: |- + Specifies whether the Garbage Collection logging is enabled. The default is + false. type: boolean javaSystemProperties: - description: A map of additional system properties - which will be passed using the `-D` option to the - JVM. + description: |- + A map of additional system properties which will be passed using the `-D` + option to the JVM. items: properties: name: @@ -246,6 +258,17 @@ spec: resources: description: Resource Limits properties: + claims: + description: Claims corresponds to the JSON schema + field "claims". + items: + properties: + name: + description: Name corresponds to the JSON schema + field "name". + type: string + type: object + type: array limits: description: Limits corresponds to the JSON schema field "limits". @@ -256,9 +279,9 @@ spec: x-kubernetes-preserve-unknown-fields: true type: object storageSize: - description: Persistent volume storage size. If unset, - default is '1Gi' Only applies when KafkaConfig.PVC is - set to 'true' + description: |- + Persistent volume storage size. If unset, default is '1Gi' + Only applies when KafkaConfig.PVC is set to 'true' type: string version: description: Version. If unset, default is '2.5.0' @@ -268,9 +291,9 @@ spec: description: Cluster annotation identifier for (*_msk_*) mode. type: string clusterName: - description: (Deprecated) Defines the cluster name to be used - by the Kafka Provider this will be used in some modes to - locate the Kafka instance. + description: |- + (Deprecated) Defines the cluster name to be used by the Kafka Provider this will + be used in some modes to locate the Kafka instance. type: string connect: description: Defines options related to the Kafka Connect @@ -297,6 +320,17 @@ spec: resources: description: Resource Limits properties: + claims: + description: Claims corresponds to the JSON schema + field "claims". + items: + properties: + name: + description: Name corresponds to the JSON schema + field "name". + type: string + type: object + type: array limits: description: Limits corresponds to the JSON schema field "limits". @@ -315,9 +349,9 @@ spec: name that is used in this environment. type: string connectNamespace: - description: (Deprecated) The namespace that the Kafka Connect - cluster is expected to reside in. This is only used in (*_app-interface_*) - and (*_operator_*) modes. + description: |- + (Deprecated) The namespace that the Kafka Connect cluster is expected to reside in. This is only used + in (*_app-interface_*) and (*_operator_*) modes. type: string enableLegacyStrimzi: description: EnableLegacyStrimzi disables TLS + user auth @@ -345,15 +379,14 @@ spec: - namespace type: object mode: - description: 'The mode of operation of the Clowder Kafka Provider. - Valid options are: (*_operator_*) which provisions Strimzi - resources and will configure KafkaTopic CRs and place them - in the Kafka cluster''s namespace described in the configuration, - (*_app-interface_*) which simply passes the topic names - through to the App''s cdappconfig.json and expects app-interface - to have created the relevant topics, and (*_local_*) where - a small instance of Kafka is created in the desired cluster - namespace and configured to auto-create topics.' + description: |- + The mode of operation of the Clowder Kafka Provider. Valid options are: + (*_operator_*) which provisions Strimzi resources and will configure + KafkaTopic CRs and place them in the Kafka cluster's namespace described in the configuration, + (*_app-interface_*) which simply passes the topic names through to the App's + cdappconfig.json and expects app-interface to have created the relevant + topics, and (*_local_*) where a small instance of Kafka is created in the desired cluster namespace + and configured to auto-create topics. enum: - ephem-msk - managed @@ -363,14 +396,14 @@ spec: - none type: string namespace: - description: (Deprecated) The Namespace the cluster is expected - to reside in. This is only used in (*_app-interface_*) and - (*_operator_*) modes. + description: |- + (Deprecated) The Namespace the cluster is expected to reside in. This is only used + in (*_app-interface_*) and (*_operator_*) modes. type: string pvc: - description: If using the (*_local_*) or (*_operator_*) mode - and PVC is set to true, this sets the provisioned Kafka - instance to use a PVC instead of emptyDir for its volumes. + description: |- + If using the (*_local_*) or (*_operator_*) mode and PVC is set to true, this sets the provisioned + Kafka instance to use a PVC instead of emptyDir for its volumes. type: boolean suffix: description: (Deprecated) (Unused) @@ -387,11 +420,10 @@ spec: Provider. properties: mode: - description: 'The mode of operation of the Clowder Logging - Provider. Valid options are: (*_app-interface_*) where the - provider will pass through cloudwatch credentials to the - app configuration, and (*_none_*) where no logging will - be configured.' + description: |- + The mode of operation of the Clowder Logging Provider. Valid options are: + (*_app-interface_*) where the provider will pass through cloudwatch credentials + to the app configuration, and (*_none_*) where no logging will be configured. enum: - app-interface - "null" @@ -405,19 +437,20 @@ spec: Provider. properties: mode: - description: The mode of operation of the Metrics provider. - The allowed modes are (*_none_*), which disables metrics - service generation, or (*_operator_*) where services and - probes are generated. (*_app-interface_*) where services - and probes are generated for app-interface. + description: |- + The mode of operation of the Metrics provider. The allowed modes are + (*_none_*), which disables metrics service generation, or + (*_operator_*) where services and probes are generated. + (*_app-interface_*) where services and probes are generated for app-interface. enum: - none - operator - app-interface type: string path: - description: A prefix path that pods will be instructed to - use when setting up their metrics server. + description: |- + A prefix path that pods will be instructed to use when setting up their + metrics server. type: string port: description: The port that metrics services inside ClowdApp @@ -451,20 +484,20 @@ spec: type: string type: object mode: - description: 'The mode of operation of the Clowder ObjectStore - Provider. Valid options are: (*_app-interface_*) where the - provider will pass through Amazon S3 credentials to the - app configuration, and (*_minio_*) where a local Minio instance - will be created.' + description: |- + The mode of operation of the Clowder ObjectStore Provider. Valid options are: + (*_app-interface_*) where the provider will pass through Amazon S3 credentials + to the app configuration, and (*_minio_*) where a local Minio instance will + be created. enum: - minio - app-interface - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to use - a PVC instead of emptyDir for its volumes. + description: |- + If using the (*_local_*) mode and PVC is set to true, this instructs the local + Database instance to use a PVC instead of emptyDir for its volumes. type: boolean suffix: description: Currently unused. @@ -533,11 +566,12 @@ spec: description: Defines the environment for iqe/smoke testing properties: configAccess: - description: 'The mode of operation for access to outside - app configs. Valid options are: (*_none_*) -- no app config - is mounted to the pod (*_app_*) -- only the ClowdApp''s - config is mounted to the pod (*_environment_*) -- the config - for all apps in the env are mounted' + description: |- + The mode of operation for access to outside app configs. Valid + options are: + (*_none_*) -- no app config is mounted to the pod + (*_app_*) -- only the ClowdApp's config is mounted to the pod + (*_environment_*) -- the config for all apps in the env are mounted enum: - none - app @@ -550,27 +584,35 @@ spec: imageBase: type: string resources: - description: A pass-through of a resource requirements - in k8s ResourceRequirements format. If omitted, the - default resource requirements from the ClowdEnvironment - will be used. + description: |- + A pass-through of a resource requirements in k8s ResourceRequirements + format. If omitted, the default resource requirements from the + ClowdEnvironment will be used. properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable. It can only be set for - containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. type: string required: - name @@ -586,8 +628,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -596,12 +639,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object ui: @@ -625,22 +667,29 @@ spec: set on selenium containers properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are - used by this container. \n This is an alpha - field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. - It can only be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. - It makes that resource available inside - a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. type: string required: - name @@ -656,9 +705,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -667,13 +716,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If - Requests is omitted for a container, it - defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object type: object @@ -697,8 +744,9 @@ spec: - imageBase type: object k8sAccessLevel: - description: 'The mode of operation of the testing Pod. Valid - options are: ''default'', ''view'' or ''edit''' + description: |- + The mode of operation of the testing Pod. Valid options are: + 'default', 'view' or 'edit' enum: - default - view @@ -718,8 +766,9 @@ spec: format: int32 type: integer apiPrefix: - description: An api prefix path that pods will be instructed - to use when setting up their web server. + description: |- + An api prefix path that pods will be instructed to use when setting up + their web server. type: string bopURL: description: The URL of BOP - only used in (*_none_*/*_operator_*) @@ -791,9 +840,9 @@ spec: is used. type: string mode: - description: The mode of operation of the Web provider. The - allowed modes are (*_none_*/*_operator_*), and (*_local_*) - which deploys keycloak and BOP. + description: |- + The mode of operation of the Web provider. The allowed modes are + (*_none_*/*_operator_*), and (*_local_*) which deploys keycloak and BOP. enum: - none - operator @@ -832,23 +881,33 @@ spec: - objectStore type: object resourceDefaults: - description: Defines the default resource requirements in standard - k8s format in the event that they omitted from a PodSpec inside - a ClowdApp. + description: |- + Defines the default resource requirements in standard k8s format in the + event that they omitted from a PodSpec inside a ClowdApp. properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. type: string required: - name @@ -864,8 +923,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -874,11 +934,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object serviceConfig: @@ -894,9 +954,9 @@ spec: - type type: object targetNamespace: - description: TargetNamespace describes the namespace where any generated - environmental resources should end up, this is particularly important - in (*_local_*) mode. + description: |- + TargetNamespace describes the namespace where any generated environmental + resources should end up, this is particularly important in (*_local_*) mode. type: string required: - providers @@ -933,45 +993,45 @@ spec: type: object type: array conditions: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file' + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file items: description: Condition defines an observation of a Cluster API resource operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -1022,9 +1082,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crd/bases/cloud.redhat.com_clowdjobinvocations.yaml b/config/crd/bases/cloud.redhat.com_clowdjobinvocations.yaml index 9f0d69525..135958391 100644 --- a/config/crd/bases/cloud.redhat.com_clowdjobinvocations.yaml +++ b/config/crd/bases/cloud.redhat.com_clowdjobinvocations.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdjobinvocations.cloud.redhat.com spec: group: cloud.redhat.com @@ -27,14 +26,19 @@ spec: description: ClowdJobInvocation is the Schema for the jobinvocations API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -61,8 +65,9 @@ spec: etc) in a CJI properties: iqe: - description: Iqe is the job spec to override defaults from the - ClowdApp's definition of the job + description: |- + Iqe is the job spec to override defaults from the ClowdApp's + definition of the job properties: debug: description: Changes entrypoint to invoke 'iqe container-debug' @@ -85,16 +90,16 @@ spec: be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables - in the container and any service environment variables. - If a variable cannot be resolved, the reference in - the input string will be unchanged. Double $$ are - reduced to a single $, which allows for escaping the - $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce - the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the - variable exists or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's value. @@ -107,10 +112,13 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the ConfigMap or @@ -119,12 +127,11 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -137,12 +144,11 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -162,6 +168,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -171,10 +178,13 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the Secret or its @@ -183,6 +193,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -197,10 +208,9 @@ spec: IQE_IBUTSU_SOURCE env var on the IQE container type: string imageTag: - description: Image tag to use for IQE container. By default, - Clowder will set the image tag to be baseImage:name-of-iqe-plugin, - where baseImage is defined in the ClowdEnvironment. Only - the tag can be overridden here. + description: |- + Image tag to use for IQE container. By default, Clowder will set the image tag to be + baseImage:name-of-iqe-plugin, where baseImage is defined in the ClowdEnvironment. Only the tag can be overridden here. type: string logLevel: description: (DEPRECATED, using 'env' now preferred) sets @@ -227,10 +237,9 @@ spec: IQE_PARALLEL_WORKER_COUNT env var on the IQE container type: string plugins: - description: A comma,separated,list indicating IQE plugin(s) - to run tests for. By default, Clowder will use the plugin - name given on the ClowdApp's spec.testing.iqePlugin field. - Use this field if you wish you override the plugin list. + description: |- + A comma,separated,list indicating IQE plugin(s) to run tests for. By default, Clowder will use the plugin name given on the ClowdApp's + spec.testing.iqePlugin field. Use this field if you wish you override the plugin list. type: string requirements: description: (DEPRECATED, using 'env' now preferred) sets @@ -284,8 +293,9 @@ spec: description: ClowdJobInvocationStatus defines the observed state of ClowdJobInvocation properties: completed: - description: Completed is false and updated when all jobs have either - finished successfully or failed past their backoff and retry values + description: |- + Completed is false and updated when all jobs have either finished + successfully or failed past their backoff and retry values type: boolean conditions: items: @@ -293,37 +303,37 @@ spec: operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. + description: |- + Last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when + the API field changed is acceptable. format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: |- + A human readable message indicating details about the transition. + This field may be empty. type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + description: |- + The reason for the condition's last transition in CamelCase. + The specific API may choose whether or not this field is considered a guaranteed API. + This field may not be empty. type: string severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + description: |- + Severity provides an explicit classification of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - lastTransitionTime @@ -352,9 +362,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index 72c97678f..153c95152 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -2,7 +2,6 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: - creationTimestamp: null name: mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -29,7 +28,6 @@ webhooks: apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: - creationTimestamp: null name: validating-webhook-configuration webhooks: - admissionReviewVersions: diff --git a/deploy-mutate.yml b/deploy-mutate.yml index bbcc6c7ab..922f3064d 100644 --- a/deploy-mutate.yml +++ b/deploy-mutate.yml @@ -13,8 +13,7 @@ objects: kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdapps.cloud.redhat.com spec: group: cloud.redhat.com @@ -47,14 +46,27 @@ objects: properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint the - client submits requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + this object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -62,14 +74,22 @@ objects: description: A ClowdApp specification. properties: cyndi: - description: Configures 'cyndi' database syndication for this app. - When the app's ClowdEnvironment has the kafka provider set to - (*_operator_*) mode, Clowder will configure a CyndiPipeline for - this app in the environment's kafka-connect namespace. When the - kafka provider is in (*_app-interface_*) mode, Clowder will check - to ensure that a CyndiPipeline resource exists for the application - in the environment's kafka-connect namespace. For all other kafka - provider modes, this configuration option has no effect. + description: 'Configures ''cyndi'' database syndication for this + app. When the app''s ClowdEnvironment has + + the kafka provider set to (*_operator_*) mode, Clowder will configure + a CyndiPipeline + + for this app in the environment''s kafka-connect namespace. When + the kafka provider is in + + (*_app-interface_*) mode, Clowder will check to ensure that a + CyndiPipeline resource exists + + for the application in the environment''s kafka-connect namespace. + For all other kafka + + provider modes, this configuration option has no effect.' properties: additionalFilters: description: AdditionalFilters @@ -95,9 +115,10 @@ objects: type: boolean type: object database: - description: The database specification defines a single database, - the configuration of which will be made available to all the pods - in the ClowdApp. + description: 'The database specification defines a single database, + the configuration + + of which will be made available to all the pods in the ClowdApp.' properties: dbResourceSize: description: T-shirt size, one of small, medium, large @@ -115,13 +136,19 @@ objects: type: string name: description: 'Defines the Name of the database used by this - app. This will be used as the name of the logical database - created by Clowder when the DB provider is in (*_local_*) - mode. In (*_app-interface_*) mode, the name here is used to - locate the DB secret as a fallback mechanism in cases where - there is no ''clowder/database: '' annotation set - on any secrets by looking for a secret with ''db.host'' starting - with ''-'' where env is usually ''stage'' or ''prod''' + app. This will be used as the + + name of the logical database created by Clowder when the DB + provider is in (*_local_*) mode. + + In (*_app-interface_*) mode, the name here is used to locate + the DB secret as a fallback mechanism + + in cases where there is no ''clowder/database: '' + annotation set on any secrets by looking + + for a secret with ''db.host'' starting with ''-'' + where env is usually ''stage'' or ''prod''' type: string sharedDbAppName: description: Defines the Name of the app to share a database @@ -140,18 +167,21 @@ objects: type: integer type: object dependencies: - description: A list of dependencies in the form of the name of the - ClowdApps that are required to be present for this ClowdApp to - function. + description: 'A list of dependencies in the form of the name of + the ClowdApps that are + + required to be present for this ClowdApp to function.' items: type: string type: array deployments: description: A list of deployments items: - description: Deployment defines a service running inside a ClowdApp - and will output a deployment resource. Only one container per - pod is allowed and this is defined in the PodSpec attribute. + description: 'Deployment defines a service running inside a ClowdApp + and will output a deployment resource. + + Only one container per pod is allowed and this is defined in + the PodSpec attribute.' properties: autoScaler: description: AutoScaler defines the configuration for the @@ -166,37 +196,46 @@ objects: horizontal scale config properties: behavior: - description: HorizontalPodAutoscalerBehavior configures - the scaling behavior of the target in both Up - and Down directions (scaleUp and scaleDown fields - respectively). + description: 'HorizontalPodAutoscalerBehavior + configures the scaling behavior of the target + + in both Up and Down directions (scaleUp and + scaleDown fields respectively).' properties: scaleDown: - description: scaleDown is scaling policy for - scaling Down. If not set, the default value - is to allow to scale down to minReplicas - pods, with a 300 second stabilization window - (i.e., the highest recommendation for the - last 300sec is used). + description: 'scaleDown is scaling policy + for scaling Down. + + If not set, the default value is to allow + to scale down to minReplicas pods, with + a + + 300 second stabilization window (i.e., the + highest recommendation for + + the last 300sec is used).' properties: policies: - description: policies is a list of potential + description: 'policies is a list of potential scaling polices which can be used during - scaling. At least one policy must be - specified, otherwise the HPAScalingRules - will be discarded as invalid + scaling. + + At least one policy must be specified, + otherwise the HPAScalingRules will be + discarded as invalid' items: description: HPAScalingPolicy is a single policy which must hold true for a specified past interval. properties: periodSeconds: - description: periodSeconds specifies + description: 'periodSeconds specifies the window of time for which the - policy should hold true. PeriodSeconds - must be greater than zero and - less than or equal to 1800 (30 - min). + policy should hold true. + + PeriodSeconds must be greater + than zero and less than or equal + to 1800 (30 min).' format: int32 type: integer type: @@ -204,10 +243,11 @@ objects: the scaling policy. type: string value: - description: value contains the + description: 'value contains the amount of change which is permitted - by the policy. It must be greater - than zero + by the policy. + + It must be greater than zero' format: int32 type: integer required: @@ -216,53 +256,65 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic selectPolicy: - description: selectPolicy is used to specify - which policy should be used. If not - set, the default value MaxPolicySelect - is used. + description: 'selectPolicy is used to + specify which policy should be used. + + If not set, the default value MaxPolicySelect + is used.' type: string stabilizationWindowSeconds: description: 'stabilizationWindowSeconds is the number of seconds for which past - recommendations should be considered - while scaling up or scaling down. StabilizationWindowSeconds - must be greater than or equal to zero - and less than or equal to 3600 (one - hour). If not set, use the default values: + recommendations should be + + considered while scaling up or scaling + down. + + StabilizationWindowSeconds must be greater + than or equal to zero and less than + or equal to 3600 (one hour). + + If not set, use the default values: + - For scale up: 0 (i.e. no stabilization - is done). - For scale down: 300 (i.e. - the stabilization window is 300 seconds - long).' + is done). + + - For scale down: 300 (i.e. the stabilization + window is 300 seconds long).' format: int32 type: integer type: object scaleUp: - description: 'scaleUp is scaling policy for - scaling Up. If not set, the default value - is the higher of: * increase no more than - 4 pods per 60 seconds * double the number - of pods per 60 seconds No stabilization - is used.' + description: "scaleUp is scaling policy for\ + \ scaling Up.\nIf not set, the default value\ + \ is the higher of:\n * increase no more\ + \ than 4 pods per 60 seconds\n * double\ + \ the number of pods per 60 seconds\nNo\ + \ stabilization is used." properties: policies: - description: policies is a list of potential + description: 'policies is a list of potential scaling polices which can be used during - scaling. At least one policy must be - specified, otherwise the HPAScalingRules - will be discarded as invalid + scaling. + + At least one policy must be specified, + otherwise the HPAScalingRules will be + discarded as invalid' items: description: HPAScalingPolicy is a single policy which must hold true for a specified past interval. properties: periodSeconds: - description: periodSeconds specifies + description: 'periodSeconds specifies the window of time for which the - policy should hold true. PeriodSeconds - must be greater than zero and - less than or equal to 1800 (30 - min). + policy should hold true. + + PeriodSeconds must be greater + than zero and less than or equal + to 1800 (30 min).' format: int32 type: integer type: @@ -270,10 +322,11 @@ objects: the scaling policy. type: string value: - description: value contains the + description: 'value contains the amount of change which is permitted - by the policy. It must be greater - than zero + by the policy. + + It must be greater than zero' format: int32 type: integer required: @@ -282,24 +335,33 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic selectPolicy: - description: selectPolicy is used to specify - which policy should be used. If not - set, the default value MaxPolicySelect - is used. + description: 'selectPolicy is used to + specify which policy should be used. + + If not set, the default value MaxPolicySelect + is used.' type: string stabilizationWindowSeconds: description: 'stabilizationWindowSeconds is the number of seconds for which past - recommendations should be considered - while scaling up or scaling down. StabilizationWindowSeconds - must be greater than or equal to zero - and less than or equal to 3600 (one - hour). If not set, use the default values: + recommendations should be + + considered while scaling up or scaling + down. + + StabilizationWindowSeconds must be greater + than or equal to zero and less than + or equal to 3600 (one hour). + + If not set, use the default values: + - For scale up: 0 (i.e. no stabilization - is done). - For scale down: 300 (i.e. - the stabilization window is 300 seconds - long).' + is done). + + - For scale down: 300 (i.e. the stabilization + window is 300 seconds long).' format: int32 type: integer type: object @@ -311,17 +373,19 @@ objects: type: boolean type: object cooldownPeriod: - description: CooldownPeriod is the interval (in seconds) + description: 'CooldownPeriod is the interval (in seconds) to wait after the last trigger reported active before + scaling the deployment down. Default is 5 minutes (300 - seconds). + seconds).' format: int32 type: integer externalHPA: - description: ExternalHPA allows replicas on deployments - to be controlled by another resource, but will not be - allowed to fall under the minReplicas as set in the - ClowdApp. + description: 'ExternalHPA allows replicas on deployments + to be controlled by another resource, but will + + not be allowed to fall under the minReplicas as set + in the ClowdApp.' type: boolean fallback: description: Fallback is the spec for fallback options @@ -337,9 +401,10 @@ objects: - replicas type: object maxReplicaCount: - description: MaxReplicaCount is the maximum number of - replicas the scaler will scale the deployment to. Default - is 10. + description: 'MaxReplicaCount is the maximum number of + replicas the scaler will scale the deployment to. + + Default is 10.' format: int32 type: integer minReplicaCount: @@ -348,8 +413,10 @@ objects: format: int32 type: integer pollingInterval: - description: PollingInterval is the interval (in seconds) - to check each trigger on. Default is 30 seconds. + description: 'PollingInterval is the interval (in seconds) + to check each trigger on. + + Default is 30 seconds.' format: int32 type: integer triggers: @@ -358,9 +425,11 @@ objects: will be used properties: authenticationRef: - description: ScaledObjectAuthRef points to the TriggerAuthentication - or ClusterTriggerAuthentication object that is - used to authenticate the scaler with the environment + description: 'ScaledObjectAuthRef points to the + TriggerAuthentication or ClusterTriggerAuthentication + object that + + is used to authenticate the scaler with the environment' properties: kind: description: Kind of the resource being referred @@ -376,9 +445,10 @@ objects: type: string type: object metricType: - description: MetricTargetType specifies the type + description: 'MetricTargetType specifies the type of metric being targeted, and should be either - "Value", "AverageValue", or "Utilization" + + "Value", "AverageValue", or "Utilization"' type: string name: type: string @@ -391,9 +461,11 @@ objects: type: array type: object autoScalerSimple: - description: SimpleAutoScaler defines a simple HPA with scaling - for RAM and CPU by value and utilization thresholds, along - with replica count limits + description: 'SimpleAutoScaler defines a simple HPA with scaling + for RAM and CPU by + + value and utilization thresholds, along with replica count + limits' properties: cpu: description: SimpleAutoScalerMetric defines a metric of @@ -433,15 +505,22 @@ objects: - replicas type: object deploymentStrategy: - description: DeploymentStrategy allows the deployment strategy - to be set only if the deployment has no public service enabled + description: 'DeploymentStrategy allows the deployment strategy + to be set only if the + + deployment has no public service enabled' properties: privateStrategy: - description: PrivateStrategy allows a deployment that - only uses a private port to set the deployment strategy - one of Recreate or Rolling, default for a private service - is Recreate. This is to enable a quicker roll out for - services that do not have public facing endpoints. + description: 'PrivateStrategy allows a deployment that + only uses a private port to set + + the deployment strategy one of Recreate or Rolling, + default for a + + private service is Recreate. This is to enable a quicker + roll out for + + services that do not have public facing endpoints.' type: string type: object k8sAccessLevel: @@ -461,17 +540,23 @@ objects: type: object type: object minReplicas: - description: 'Deprecated: Use Replicas instead If Replicas - is not set and MinReplicas is set, then MinReplicas will - be used' + description: 'Deprecated: Use Replicas instead + + If Replicas is not set and MinReplicas is set, then MinReplicas + will be used' format: int32 type: integer name: - description: Name defines the identifier of a Pod inside the - ClowdApp. This name will be used along side the name of - the ClowdApp itself to form a - pattern which - will be used for all other created resources and also for - some labels. It must be unique within a ClowdApp. + description: 'Name defines the identifier of a Pod inside + the ClowdApp. This name will + + be used along side the name of the ClowdApp itself to form + a - + + pattern which will be used for all other created resources + and also for + + some labels. It must be unique within a ClowdApp.' type: string podSpec: description: PodSpec defines a container running inside a @@ -501,16 +586,29 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". + expanded + + using the previously defined environment variables + in the container and + + any service environment variables. If a variable + cannot be resolved, + + the reference in the input string will be unchanged. + Double $$ are reduced + + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". + Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults - to "".' + of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -523,10 +621,18 @@ objects: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -535,12 +641,14 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath @@ -553,11 +661,13 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + only resources limits and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -579,6 +689,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -588,10 +699,18 @@ objects: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret @@ -600,6 +719,7 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -613,10 +733,13 @@ objects: description: A list of init containers used to perform at-startup operations. items: - description: InitContainer is a struct defining a k8s - init container. This will be deployed along with the - parent pod and is used to carry out one time initialization - procedures. + description: 'InitContainer is a struct defining a k8s + init container. This will be + + deployed along with the parent pod and is used to + carry out one time + + initialization procedures.' properties: args: description: A list of args to be passed to the @@ -643,17 +766,29 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and + are expanded + + using the previously defined environment + variables in the container and + any service environment variables. If a - variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Defaults to "".' + "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -666,10 +801,20 @@ objects: description: The key to select. type: string name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -678,10 +823,12 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' properties: @@ -697,12 +844,14 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: only resources limits and - requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -725,6 +874,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -735,10 +885,20 @@ objects: secret key. type: string name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret @@ -747,19 +907,23 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array image: - description: Image refers to the container image - used to create the init container (if different - from the primary pod image). + description: 'Image refers to the container image + used to create the init container + + (if different from the primary pod image).' type: string inheritEnv: - description: If true, inheirts the environment variables - from the parent pod. specification + description: 'If true, inheirts the environment + variables from the parent pod. + + specification' type: boolean name: description: Name gives an identifier in the situation @@ -773,37 +937,51 @@ objects: properties: postStart: description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according - to its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + a container is created. If the handler fails, + + the container is terminated and restarted according + to its restart policy. + + Other management of the container blocks until the + hook completes. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. + description: 'Command is the command line + to execute inside the container, the working + directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, + it is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To + use + + a shell, you need to explicitly call out + to that shell. + Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults + description: 'Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the @@ -813,10 +991,11 @@ objects: header to be used in HTTP probes properties: name: - description: The header field name. + description: 'The header field name. + This will be canonicalized upon output, so case-variant names will be understood - as the same header. + as the same header.' type: string value: description: The header field value @@ -826,6 +1005,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -833,14 +1013,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Name or number of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port @@ -858,11 +1042,14 @@ objects: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: 'Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept + + for the backward compatibility. There are no + validation of this field and + + lifecycle hooks will fail in runtime when tcp + handler is specified.' properties: host: description: 'Optional: Host name to connect @@ -872,10 +1059,12 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Number or name of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -883,45 +1072,65 @@ objects: type: object preStop: description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. The - handler is not called if the container crashes or - exits. The Pod''s termination grace period countdown - begins before the PreStop hook is executed. Regardless - of the outcome of the handler, the container will - eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other - management of the container blocks until the hook - completes or until the termination grace period - is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + a container is terminated due to an + + API request or management event such as liveness/startup + probe failure, + + preemption, resource contention, etc. The handler + is not called if the + + container crashes or exits. The Pod''s termination + grace period countdown begins before the + + PreStop hook is executed. Regardless of the outcome + of the handler, the + + container will eventually terminate within the Pod''s + termination grace + + period (unless delayed by finalizers). Other management + of the container blocks until the hook completes + + or until the termination grace period is reached. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. + description: 'Command is the command line + to execute inside the container, the working + directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, + it is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To + use + + a shell, you need to explicitly call out + to that shell. + Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults + description: 'Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the @@ -931,10 +1140,11 @@ objects: header to be used in HTTP probes properties: name: - description: The header field name. + description: 'The header field name. + This will be canonicalized upon output, so case-variant names will be understood - as the same header. + as the same header.' type: string value: description: The header field value @@ -944,6 +1154,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -951,14 +1162,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Name or number of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port @@ -976,11 +1191,14 @@ objects: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: 'Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept + + for the backward compatibility. There are no + validation of this field and + + lifecycle hooks will fail in runtime when tcp + handler is specified.' properties: host: description: 'Optional: Host name to connect @@ -990,10 +1208,12 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Number or name of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -1001,32 +1221,47 @@ objects: type: object type: object livenessProbe: - description: A pass-through of a Liveness Probe specification - in standard k8s format. If omitted, a standard probe - will be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: 'A pass-through of a Liveness Probe specification + in standard k8s format. + + If omitted, a standard probe will be setup point to + the webPort defined + + in the ClowdEnvironment and a path of /healthz. Ignored + if Web is set to + + false.' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute + description: 'Command is the command line to execute inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, it + is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To use + + a shell, you need to explicitly call out to + that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the + description: 'Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -1039,11 +1274,15 @@ objects: format: int32 type: integer service: - description: "Service is the name of the service\ - \ to place in the gRPC HealthCheckRequest (see\ - \ https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\ - \ \n If this is not specified, the default behavior\ - \ is defined by gRPC." + default: '' + description: 'Service is the name of the service + to place in the gRPC HealthCheckRequest + + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior + is defined by gRPC.' type: string required: - port @@ -1053,9 +1292,10 @@ objects: perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: 'Host name to connect to, defaults + to the pod IP. You probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the request. @@ -1065,10 +1305,11 @@ objects: to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: 'The header field name. + + This will be canonicalized upon output, + so case-variant names will be understood + as the same header.' type: string value: description: The header field value @@ -1078,6 +1319,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1085,13 +1327,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Name or number of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: 'Scheme to use for connecting to + the host. + + Defaults to HTTP.' type: string required: - port @@ -1099,19 +1346,23 @@ objects: initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to perform the + probe. + + Default to 10 seconds. Minimum value is 1.' format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the + description: 'Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. + Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -1126,35 +1377,53 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Number or name of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod + description: 'Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by the pod spec. + + Value must be non-negative integer. The value zero + indicates stop immediately via + + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + times out. + + Defaults to 1 second. Minimum value is 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -1172,32 +1441,47 @@ objects: type: object type: object readinessProbe: - description: A pass-through of a Readiness Probe specification - in standard k8s format. If omitted, a standard probe - will be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: 'A pass-through of a Readiness Probe specification + in standard k8s format. + + If omitted, a standard probe will be setup point to + the webPort defined + + in the ClowdEnvironment and a path of /healthz. Ignored + if Web is set to + + false.' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute + description: 'Command is the command line to execute inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, it + is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To use + + a shell, you need to explicitly call out to + that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the + description: 'Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -1210,11 +1494,15 @@ objects: format: int32 type: integer service: - description: "Service is the name of the service\ - \ to place in the gRPC HealthCheckRequest (see\ - \ https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\ - \ \n If this is not specified, the default behavior\ - \ is defined by gRPC." + default: '' + description: 'Service is the name of the service + to place in the gRPC HealthCheckRequest + + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior + is defined by gRPC.' type: string required: - port @@ -1224,9 +1512,10 @@ objects: perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: 'Host name to connect to, defaults + to the pod IP. You probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the request. @@ -1236,10 +1525,11 @@ objects: to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: 'The header field name. + + This will be canonicalized upon output, + so case-variant names will be understood + as the same header.' type: string value: description: The header field value @@ -1249,6 +1539,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1256,13 +1547,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Name or number of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: 'Scheme to use for connecting to + the host. + + Defaults to HTTP.' type: string required: - port @@ -1270,19 +1566,23 @@ objects: initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to perform the + probe. + + Default to 10 seconds. Minimum value is 1.' format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the + description: 'Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. + Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -1297,60 +1597,100 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Number or name of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod + description: 'Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by the pod spec. + + Value must be non-negative integer. The value zero + indicates stop immediately via + + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + times out. + + Defaults to 1 second. Minimum value is 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object resources: - description: A pass-through of a resource requirements - in k8s ResourceRequirements format. If omitted, the - default resource requirements from the ClowdEnvironment - will be used. + description: 'A pass-through of a resource requirements + in k8s ResourceRequirements + + format. If omitted, the default resource requirements + from the + + ClowdEnvironment will be used.' properties: claims: - description: "Claims lists the names of resources,\ - \ defined in spec.resourceClaims, that are used\ - \ by this container. \n This is an alpha field and\ - \ requires enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable. It can\ - \ only be set for containers." + description: 'Claims lists the names of resources, + defined in spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for + containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. + description: 'Name must match the name of one + entry in pod.spec.resourceClaims of + + the Pod where this field is used. It makes + that resource available + + inside a container.' + type: string + request: + description: 'Request is the name chosen for + a request in the referenced claim. + + If empty, everything from the claim is made + available, otherwise + + only the result of this request.' type: string required: - name @@ -1367,7 +1707,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1377,11 +1719,15 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources required. + + If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, + + otherwise to an implementation-defined value. Requests + cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sidecars: @@ -1403,8 +1749,10 @@ objects: type: object type: array terminationGracePeriodSeconds: - description: A pass-through of TerminationGracePeriodSeconds - specification in standard k8s format default is 30 seconds + description: 'A pass-through of TerminationGracePeriodSeconds + specification in standard k8s format + + default is 30 seconds' format: int64 type: integer volumeMounts: @@ -1415,36 +1763,90 @@ objects: within a container. properties: mountPath: - description: Path within the container at which - the volume should be mounted. Must not contain - ':'. + description: 'Path within the container at which + the volume should be mounted. Must + + not contain '':''.' type: string mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + description: 'mountPropagation determines how mounts + are propagated from the host + + to container and the other way around. + + When not set, MountPropagationNone is used. + + This field is beta in 1.10. + + When RecursiveReadOnly is set to IfPossible or + to Enabled, MountPropagation must be None or unspecified + + (which defaults to None).' type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. + description: 'Mounted read-only if true, read-write + otherwise (false or unspecified). + + Defaults to false.' type: boolean + recursiveReadOnly: + description: 'RecursiveReadOnly specifies whether + read-only mounts should be handled + + recursively. + + + If ReadOnly is false, this field has no meaning + and must be unspecified. + + + If ReadOnly is true, and this field is set to + Disabled, the mount is not made + + recursively read-only. If this field is set to + IfPossible, the mount is made + + recursively read-only, if it is supported by the + container runtime. If this + + field is set to Enabled, the mount is made recursively + read-only if it is + + supported by the container runtime, otherwise + the pod will not be started and + + an error will be generated to indicate the reason. + + + If this field is set to IfPossible or Enabled, + MountPropagation must be set to + + None (or be unspecified, which defaults to None). + + + If this field is not specified, it is treated + as an equivalent of Disabled.' + type: string subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults - to "" (volume's root). + description: 'Path within the volume from which + the container''s volume should be mounted. + + Defaults to "" (volume''s root).' type: string subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. + description: 'Expanded path within the volume from + which the container''s volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the - container's environment. Defaults to "" (volume's - root). SubPathExpr and SubPath are mutually exclusive. + container''s environment. + + Defaults to "" (volume''s root). + + SubPathExpr and SubPath are mutually exclusive.' type: string required: - mountPath @@ -1460,38 +1862,49 @@ objects: properties: awsElasticBlockStore: description: 'awsElasticBlockStore represents an - AWS Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + AWS Disk resource that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string partition: description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' + the volume that you want to mount. + + If omitted, the default is to mount by volume + name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: description: 'readOnly value true will force - the readOnly setting in VolumeMounts. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + the readOnly setting in VolumeMounts. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: description: 'volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: @@ -1514,11 +1927,14 @@ objects: in the blob storage type: string fsType: - description: fsType is Filesystem type to mount. + default: ext4 + description: 'fsType is Filesystem type to mount. + Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string kind: description: 'kind expected values are Shared: @@ -1528,9 +1944,11 @@ objects: set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + default: false + description: 'readOnly Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean required: - diskName @@ -1542,9 +1960,10 @@ objects: pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretName: description: secretName is the name of secret @@ -1564,11 +1983,13 @@ objects: properties: monitors: description: 'monitors is Required: Monitors - is a collection of Ceph monitors More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + is a collection of Ceph monitors + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, @@ -1577,30 +1998,47 @@ objects: readOnly: description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts. + force + + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: description: 'secretFile is Optional: SecretFile is the path to key ring for User, default - is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + is /etc/ceph/user.secret + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: description: 'secretRef is Optional: SecretRef is reference to the authentication secret - for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + for User, default is empty. + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic user: description: 'user is optional: User is the - rados user name, default is admin More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + rados user name, default is admin + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors @@ -1608,35 +2046,57 @@ objects: cinder: description: 'cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + to mount. + + Must be a filesystem type supported by the + host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + ReadOnly here will force + + the ReadOnly setting in VolumeMounts. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: description: 'secretRef is optional: points to a secret object containing parameters used - to connect to OpenStack.' + to connect + + to OpenStack.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic volumeID: description: 'volumeID used to identify the - volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + volume in cinder. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID @@ -1648,29 +2108,47 @@ objects: defaultMode: description: 'defaultMode is optional: mode bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, the - volume setup will error unless it is marked - optional. Paths must be relative and may not - contain the '..' path or start with '..'. + description: 'items if unspecified, each key-value + pair in the Data field of the referenced + + ConfigMap will be projected into the volume + as a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the ConfigMap, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -1681,87 +2159,129 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: 'path is the relative path + of the file to map the key to. + + May not be an absolute path. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but due + to backwards compatibility is + + allowed to be empty. Instances of this type + with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object + x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. + description: 'driver is the name of the CSI + driver that handles this volume. + + Consult with your admin for the correct name + as registered in the cluster.' type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which - will determine the default filesystem to apply. + description: 'fsType to mount. Ex. "ext4", "xfs", + "ntfs". + + If not provided, the empty value is passed + to the associated CSI driver + + which will determine the default filesystem + to apply.' type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive - information to pass to the CSI driver to complete - the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may be - empty if no secret is required. If the secret - object contains more than one secret, all - secret references are passed. + description: 'nodePublishSecretRef is a reference + to the secret object containing + + sensitive information to pass to the CSI driver + to complete the CSI + + NodePublishVolume and NodeUnpublishVolume + calls. + + This field is optional, and may be empty + if no secret is required. If the + + secret object contains more than one secret, + all secret references are passed.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only - configuration for the volume. Defaults to - false (read/write). + description: 'readOnly specifies a read-only + configuration for the volume. + + Defaults to false (read/write).' type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. + description: 'volumeAttributes stores driver-specific + properties that are passed to the CSI + + driver. Consult your driver''s documentation + for supported values.' type: object required: - driver @@ -1772,17 +2292,27 @@ objects: properties: defaultMode: description: 'Optional: mode bits to use on - created files by default. Must be a Optional: - mode bits used to set permissions on created - files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + created files by default. Must be a + + Optional: mode bits used to set permissions + on created files by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: @@ -1796,7 +2326,7 @@ objects: fieldRef: description: 'Required: Selects a field of the pod: only annotations, labels, - name and namespace are supported.' + name, namespace and uid are supported.' properties: apiVersion: description: Version of the schema @@ -1810,19 +2340,27 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this file, must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. + be an octal value + + between 0000 and 0777 or a decimal value + between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values - for mode bits. If not specified, the - volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set.' + for mode bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: @@ -1836,9 +2374,10 @@ objects: resourceFieldRef: description: 'Selects a resource of the container: only resources limits and - requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) are - currently supported.' + requests + + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' properties: containerName: description: 'Container name: required @@ -1860,21 +2399,29 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + that shares a pod''s lifetime. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: description: 'medium represents what type of storage medium should back this directory. + The default is "" which means to use the node''s - default medium. Must be an empty string (default) - or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + default medium. + + Must be an empty string (default) or Memory. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: @@ -1882,114 +2429,173 @@ objects: - type: string description: 'sizeLimit is the total amount of local storage required for this EmptyDir - volume. The size limit is also applicable - for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value - between the SizeLimit specified here and the - sum of memory limits of all containers in - a pod. The default is nil which means that - the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + volume. + + The size limit is also applicable for memory + medium. + + The maximum usage on memory medium EmptyDir + would be the minimum value between + + the SizeLimit specified here and the sum of + memory limits of all containers in a pod. + + The default is nil which means that the limit + is undefined. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: description: "ephemeral represents a volume that\ - \ is handled by a cluster storage driver. The\ + \ is handled by a cluster storage driver.\nThe\ \ volume's lifecycle is tied to the pod that defines\ - \ it - it will be created before the pod starts,\ - \ and deleted when the pod is removed. \n Use\ - \ this if: a) the volume is only needed while\ - \ the pod runs, b) features of normal volumes\ - \ like restoring from snapshot or capacity tracking\ - \ are needed, c) the storage driver is specified\ - \ through a storage class, and d) the storage\ + \ it - it will be created before the pod starts,\n\ + and deleted when the pod is removed.\n\nUse this\ + \ if:\na) the volume is only needed while the\ + \ pod runs,\nb) features of normal volumes like\ + \ restoring from snapshot or capacity\n tracking\ + \ are needed,\nc) the storage driver is specified\ + \ through a storage class, and\nd) the storage\ \ driver supports dynamic volume provisioning\ - \ through a PersistentVolumeClaim (see EphemeralVolumeSource\ - \ for more information on the connection between\ - \ this volume type and PersistentVolumeClaim).\ - \ \n Use PersistentVolumeClaim or one of the vendor-specific\ - \ APIs for volumes that persist for longer than\ - \ the lifecycle of an individual pod. \n Use CSI\ - \ for light-weight local ephemeral volumes if\ - \ the CSI driver is meant to be used that way\ - \ - see the documentation of the driver for more\ - \ information. \n A pod can use both types of\ - \ ephemeral volumes and persistent volumes at\ - \ the same time." + \ through\n a PersistentVolumeClaim (see EphemeralVolumeSource\ + \ for more\n information on the connection between\ + \ this volume type\n and PersistentVolumeClaim).\n\ + \nUse PersistentVolumeClaim or one of the vendor-specific\n\ + APIs for volumes that persist for longer than\ + \ the lifecycle\nof an individual pod.\n\nUse\ + \ CSI for light-weight local ephemeral volumes\ + \ if the CSI driver is meant to\nbe used that\ + \ way - see the documentation of the driver for\n\ + more information.\n\nA pod can use both types\ + \ of ephemeral volumes and\npersistent volumes\ + \ at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone\ - \ PVC to provision the volume. The pod in\ - \ which this EphemeralVolumeSource is embedded\ - \ will be the owner of the PVC, i.e. the PVC\ - \ will be deleted together with the pod. \ - \ The name of the PVC will be `-` where `` is the name\ - \ from the `PodSpec.Volumes` array entry.\ - \ Pod validation will reject the pod if the\ - \ concatenated name is not valid for a PVC\ - \ (for example, too long). \n An existing\ - \ PVC with that name that is not owned by\ - \ the pod will *not* be used for the pod to\ - \ avoid using an unrelated volume by mistake.\ - \ Starting the pod is then blocked until the\ - \ unrelated PVC is removed. If such a pre-created\ - \ PVC is meant to be used by the pod, the\ - \ PVC has to updated with an owner reference\ - \ to the pod once the pod exists. Normally\ - \ this should not be necessary, but it may\ - \ be useful when manually reconstructing a\ - \ broken cluster. \n This field is read-only\ - \ and no changes will be made by Kubernetes\ - \ to the PVC after it has been created. \n\ - \ Required, must not be nil." + description: 'Will be used to create a stand-alone + PVC to provision the volume. + + The pod in which this EphemeralVolumeSource + is embedded will be the + + owner of the PVC, i.e. the PVC will be deleted + together with the + + pod. The name of the PVC will be `-` where + + `` is the name from the `PodSpec.Volumes` + array + + entry. Pod validation will reject the pod + if the concatenated name + + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not + owned by the pod + + will *not* be used for the pod to avoid using + an unrelated + + volume by mistake. Starting the pod is then + blocked until + + the unrelated PVC is removed. If such a pre-created + PVC is + + meant to be used by the pod, the PVC has to + updated with an + + owner reference to the pod once the pod exists. + Normally + + this should not be necessary, but it may be + useful when + + manually reconstructing a broken cluster. + + + This field is read-only and no changes will + be made by Kubernetes + + to the PVC after it has been created. + + + Required, must not be nil.' properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when - creating it. No other fields are allowed - and will be rejected during validation. + description: 'May contain labels and annotations + that will be copied into the PVC + + when creating it. No other fields are + allowed and will be rejected during + + validation.' type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged - into the PVC that gets created from this + description: 'The specification for the + PersistentVolumeClaim. The entire content + is + + copied unchanged into the PVC that gets + created from this + template. The same fields as in a PersistentVolumeClaim - are also valid here. + + are also valid here.' properties: accessModes: description: 'accessModes contains the desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + have. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + used to specify either: + + * An existing VolumeSnapshot object + (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified - data source, it will create a new - volume based on the contents of the - specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource - contents will be copied to dataSourceRef, + data source, + + it will create a new volume based + on the contents of the specified data + source. + + When the AnyVolumeDataSource feature + gate is enabled, dataSource contents + will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace - is specified, then dataSourceRef will - not be copied to dataSource.' + is not specified. + + If the namespace is specified, then + dataSourceRef will not be copied to + dataSource.' properties: apiGroup: - description: APIGroup is the group + description: 'APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + the core API group. + + For any other third-party types, + APIGroup is required.' type: string kind: description: Kind is the type of @@ -2003,58 +2609,62 @@ objects: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate - the volume with data, if a non-empty - volume is desired. This may be any - object from a non-empty API group - (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if - the type of the specified object matches - some installed volume populator or - dynamic provisioner. This field will - replace the functionality of the dataSource - field and as such if both fields are - non-empty, they must have the same - value. For backwards compatibility, - when namespace isn''t specified in - dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to - the same value automatically if one - of them is empty and the other is - non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be - empty. There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two - specific types of objects, dataSourceRef - allows any non-core object, as well - as PersistentVolumeClaim objects. - * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is - specified. * While dataSource only - allows local objects, dataSourceRef - allows objects in any namespaces. - (Beta) Using this field requires the - AnyVolumeDataSource feature gate to - be enabled. (Alpha) Using the namespace - field of dataSourceRef requires the - CrossNamespaceVolumeDataSource feature - gate to be enabled.' + description: "dataSourceRef specifies\ + \ the object from which to populate\ + \ the volume with data, if a non-empty\n\ + volume is desired. This may be any\ + \ object from a non-empty API group\ + \ (non\ncore object) or a PersistentVolumeClaim\ + \ object.\nWhen this field is specified,\ + \ volume binding will only succeed\ + \ if the type of\nthe specified object\ + \ matches some installed volume populator\ + \ or dynamic\nprovisioner.\nThis field\ + \ will replace the functionality of\ + \ the dataSource field and as such\n\ + if both fields are non-empty, they\ + \ must have the same value. For backwards\n\ + compatibility, when namespace isn't\ + \ specified in dataSourceRef,\nboth\ + \ fields (dataSource and dataSourceRef)\ + \ will be set to the same\nvalue automatically\ + \ if one of them is empty and the\ + \ other is non-empty.\nWhen namespace\ + \ is specified in dataSourceRef,\n\ + dataSource isn't set to the same value\ + \ and must be empty.\nThere are three\ + \ important differences between dataSource\ + \ and dataSourceRef:\n* While dataSource\ + \ only allows two specific types of\ + \ objects, dataSourceRef\n allows\ + \ any non-core object, as well as\ + \ PersistentVolumeClaim objects.\n\ + * While dataSource ignores disallowed\ + \ values (dropping them), dataSourceRef\n\ + \ preserves all values, and generates\ + \ an error if a disallowed value is\n\ + \ specified.\n* While dataSource\ + \ only allows local objects, dataSourceRef\ + \ allows objects\n in any namespaces.\n\ + (Beta) Using this field requires the\ + \ AnyVolumeDataSource feature gate\ + \ to be enabled.\n(Alpha) Using the\ + \ namespace field of dataSourceRef\ + \ requires the CrossNamespaceVolumeDataSource\ + \ feature gate to be enabled." properties: apiGroup: - description: APIGroup is the group + description: 'APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + the core API group. + + For any other third-party types, + APIGroup is required.' type: string kind: description: Kind is the type of @@ -2065,17 +2675,20 @@ objects: resource being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant + description: 'Namespace is the namespace + of resource being referenced + + Note that when a namespace is + specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent - namespace to allow that namespace's + namespace to allow that namespace''s owner to accept the reference. See the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. + for details. + + (Alpha) This field requires the + CrossNamespaceVolumeDataSource + feature gate to be enabled.' type: string required: - kind @@ -2084,13 +2697,19 @@ objects: resources: description: 'resources represents the minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but - must still be higher than capacity - recorded in the status field of the - claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + have. + + If RecoverVolumeExpansionFailure feature + is enabled users are allowed to specify + resource requirements + + that are lower than previous value + but must still be higher than capacity + recorded in the + + status field of the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -2101,7 +2720,9 @@ objects: x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -2112,12 +2733,16 @@ objects: x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute - resources required. If Requests - is omitted for a container, it - defaults to Limits if that is - explicitly specified, otherwise - to an implementation-defined value. - Requests cannot exceed Limits. + resources required. + + If Requests is omitted for a container, + it defaults to Limits if that + is explicitly specified, + + otherwise to an implementation-defined + value. Requests cannot exceed + Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object @@ -2130,11 +2755,12 @@ objects: a list of label selector requirements. The requirements are ANDed. items: - description: A label selector + description: 'A label selector requirement is a selector that contains values, a key, and - an operator that relates the - key and values. + an operator that + + relates the key and values.' properties: key: description: key is the label @@ -2142,83 +2768,112 @@ objects: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: 'operator represents + a key''s relationship to + a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: values is an + description: 'values is an array of string values. If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, + NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + the values array must be empty. This array is replaced - during a strategic merge - patch. + during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map + description: 'matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + field is "key", the + + operator is "In", and the values + array contains only "value". The + requirements are ANDed.' type: object type: object + x-kubernetes-map-type: atomic storageClassName: description: 'storageClassName is the name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + by the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass - used by this claim. If specified, - the CSI driver will create or update - the volume with the attributes defined + used by this claim. + + If specified, the CSI driver will + create or update the volume with the + attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than - storageClassName, it can be changed - after the claim is created. An empty - string value means that no VolumeAttributesClass + storageClassName, + + it can be changed after the claim + is created. An empty string value + means that no VolumeAttributesClass + will be applied to the claim but it''s not allowed to reset this field to - empty string once it is set. If unspecified - and the PersistentVolumeClaim is unbound, - the default VolumeAttributesClass + empty string once it is set. + + If unspecified and the PersistentVolumeClaim + is unbound, the default VolumeAttributesClass + will be set by the persistentvolume - controller if it exists. If the resource - referred to by volumeAttributesClass + controller if it exists. + + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim - will be set to a Pending state, as - reflected by the modifyVolumeStatus - field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires - the VolumeAttributesClass feature - gate to be enabled.' + will be + + set to a Pending state, as reflected + by the modifyVolumeStatus field, until + such as a resource + + exists. + + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + + (Beta) Using this field requires the + VolumeAttributesClass feature gate + to be enabled (off by default).' type: string volumeMode: - description: volumeMode defines what + description: 'volumeMode defines what type of volume is required by the - claim. Value of Filesystem is implied - when not included in claim spec. + claim. + + Value of Filesystem is implied when + not included in claim spec.' type: string volumeName: description: volumeName is the binding @@ -2237,11 +2892,13 @@ objects: properties: fsType: description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string lun: description: 'lun is Optional: FC target lun @@ -2251,7 +2908,9 @@ objects: readOnly: description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + force + + the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target @@ -2259,30 +2918,37 @@ objects: items: type: string type: array + x-kubernetes-list-type: atomic wwids: description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not - both simultaneously.' + wide identifiers (wwids) + + Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an - exec based plugin. + description: 'flexVolume represents a generic volume + resource that is + + provisioned/attached using an exec based plugin.' properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends - on FlexVolume script. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script.' type: string options: additionalProperties: @@ -2293,24 +2959,41 @@ objects: readOnly: description: 'readOnly is Optional: defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: description: 'secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' + scripts. This may be + + empty if no secret object is specified. If + the secret object + + contains more than one secret, all secrets + are passed to the plugin + + scripts.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -2320,9 +3003,11 @@ objects: on the Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset + description: 'datasetName is Name of the dataset stored as metadata -> name on the dataset - for Flocker should be considered as deprecated + for Flocker + + should be considered as deprecated' type: string datasetUUID: description: datasetUUID is the UUID of the @@ -2332,38 +3017,54 @@ objects: type: object gcePersistentDisk: description: 'gcePersistentDisk represents a GCE - Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + Disk resource that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' + volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string partition: description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + the volume that you want to mount. + + If omitted, the default is to mount by volume + name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty). + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: description: 'pdName is unique name of the PD resource in GCE. Used to identify the disk - in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + in GCE. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + setting in VolumeMounts. + + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: @@ -2371,19 +3072,29 @@ objects: type: object gitRepo: description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated. To provision a container with a - git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the - EmptyDir into the Pod''s container.' + at a particular revision. + + DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an + + EmptyDir into an InitContainer that clones the + repo using git, then mount the EmptyDir + + into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will - be the git repository. Otherwise, if specified, + description: 'directory is the target directory + name. + + Must not contain or start with ''..''. If + ''.'' is supplied, the volume directory will + be the + + git repository. Otherwise, if specified, the volume will contain the git repository - in the subdirectory with the given name. + in + + the subdirectory with the given name.' type: string repository: description: repository is the URL @@ -2397,22 +3108,28 @@ objects: type: object glusterfs: description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' + on the host that shares a pod''s lifetime. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: description: 'endpoints is the endpoint name - that details Glusterfs topology. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + that details Glusterfs topology. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: description: 'readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + + Defaults to false. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints @@ -2420,31 +3137,139 @@ objects: type: object hostPath: description: 'hostPath represents a pre-existing - file or directory on the host machine that is - directly exposed to the container. This is generally + file or directory on the host + + machine that is directly exposed to the container. + This is generally + used for system agents or other privileged things - that are allowed to see the host machine. Most - containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can - use host directory mounts and who can/can not - mount host directories as read/write.' + that are allowed + + to see the host machine. Most containers will + NOT need this. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' properties: path: description: 'path of the directory on the host. + If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + link to the real path. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: 'type for HostPath Volume + + Defaults to "" + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object + image: + description: 'image represents an OCI object (a + container image or artifact) pulled and mounted + on the kubelet''s host machine. + + The volume is resolved at pod startup depending + on which PullPolicy value is provided: + + + - Always: the kubelet always attempts to pull + the reference. Container creation will fail If + the pull fails. + + - Never: the kubelet never pulls the reference + and only uses a local image or artifact. Container + creation will fail if the reference isn''t present. + + - IfNotPresent: the kubelet pulls if the reference + isn''t already present on disk. Container creation + will fail if the reference isn''t present and + the pull fails. + + + The volume gets re-resolved if the pod gets deleted + and recreated, which means that new remote content + will become available on pod recreation. + + A failure to resolve or pull the image during + pod startup will block containers from starting + and may add significant latency. Failures will + be retried using normal volume backoff and will + be reported on the pod reason and message. + + The types of objects that may be mounted by this + volume are defined by the container runtime implementation + on a host machine and at minimum must include + all valid types supported by the container image + field. + + The OCI object gets mounted in a single directory + (spec.containers[*].volumeMounts.mountPath) by + merging the manifest layers in the same way as + for container images. + + The volume will be mounted read-only (ro) and + non-executable files (noexec). + + Sub path mounts for containers are not supported + (spec.containers[*].volumeMounts.subpath). + + The field spec.securityContext.fsGroupChangePolicy + has no effect on this volume type.' + properties: + pullPolicy: + description: 'Policy for pulling OCI objects. + Possible values are: + + Always: the kubelet always attempts to pull + the reference. Container creation will fail + If the pull fails. + + Never: the kubelet never pulls the reference + and only uses a local image or artifact. Container + creation will fail if the reference isn''t + present. + + IfNotPresent: the kubelet pulls if the reference + isn''t already present on disk. Container + creation will fail if the reference isn''t + present and the pull fails. + + Defaults to Always if :latest tag is specified, + or IfNotPresent otherwise.' + type: string + reference: + description: 'Required: Image or artifact reference + to be used. + + Behaves in the same way as pod.spec.containers[*].image. + + Pull secrets will be assembled in the same + way as for the container image by looking + up node credentials, SA image pull secrets, + and pod spec image pull secrets. + + More info: https://kubernetes.io/docs/concepts/containers/images + + This field is optional to allow higher level + config management to default or override + + container images in workload controllers like + Deployments and StatefulSets.' + type: string + type: object iscsi: description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether @@ -2456,29 +3281,36 @@ objects: type: boolean fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. + description: 'initiatorName is the custom iSCSI + Initiator Name. + + If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface + + : will be created + for the connection.' type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface - Name that uses an iSCSI transport. Defaults - to 'default' (tcp). + default: default + description: 'iscsiInterface is the interface + Name that uses an iSCSI transport. + + Defaults to ''default'' (tcp).' type: string lun: description: lun represents iSCSI Target Lun @@ -2486,33 +3318,49 @@ objects: format: int32 type: integer portals: - description: portals is the iSCSI Target Portal + description: 'portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + if the port + + is other than default (typically TCP ports + 860 and 3260).' items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. + + Defaults to false.' type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. + description: 'targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + if the port + + is other than default (typically TCP ports + 860 and 3260).' type: string required: - iqn @@ -2520,26 +3368,37 @@ objects: - targetPortal type: object name: - description: 'name of the volume. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: 'name of the volume. + + Must be a DNS_LABEL and unique within the pod. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string nfs: description: 'nfs represents an NFS mount on the - host that shares a pod''s lifetime More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' + host that shares a pod''s lifetime + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: description: 'readOnly here will force the NFS export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + + Defaults to false. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + of the NFS server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path @@ -2547,17 +3406,24 @@ objects: type: object persistentVolumeClaim: description: 'persistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + represents a reference to a + + PersistentVolumeClaim in the same namespace. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + volume. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. + description: 'readOnly Will force the ReadOnly + setting in VolumeMounts. + + Default false.' type: boolean required: - claimName @@ -2568,11 +3434,14 @@ objects: host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string pdID: description: pdID is the ID that identifies @@ -2586,16 +3455,20 @@ objects: volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs". Implicitly inferred to be "ext4" if - unspecified. + description: 'fSType represents the filesystem + type to mount + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs". Implicitly inferred to + be "ext4" if unspecified.' type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean volumeID: description: volumeID uniquely identifies a @@ -2609,51 +3482,83 @@ objects: secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. + description: 'defaultMode are the mode bits + used to set permissions on created files by + default. + Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. Directories - within the path are not affected by this setting. + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set. + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer sources: - description: sources is the list of volume projections + description: 'sources is the list of volume + projections. Each entry in this list + + handles one source.' items: - description: Projection that may be projected - along with other supported volume types + description: 'Projection that may be projected + along with other supported volume types. + + Exactly one of these fields must be set.' properties: clusterTrustBundle: - description: "ClusterTrustBundle allows\ - \ a pod to access the `.spec.trustBundle`\ - \ field of ClusterTrustBundle objects\ - \ in an auto-updating file. \n Alpha,\ - \ gated by the ClusterTrustBundleProjection\ - \ feature gate. \n ClusterTrustBundle\ - \ objects can either be selected by\ - \ name, or by the combination of signer\ - \ name and a label selector. \n Kubelet\ - \ performs aggressive normalization\ - \ of the PEM contents written into the\ - \ pod filesystem. Esoteric PEM features\ - \ such as inter-block comments and block\ - \ headers are stripped. Certificates\ - \ are deduplicated. The ordering of\ - \ certificates within the file is arbitrary,\ - \ and Kubelet may change the order over\ - \ time." + description: 'ClusterTrustBundle allows + a pod to access the `.spec.trustBundle` + field + + of ClusterTrustBundle objects in an + auto-updating file. + + + Alpha, gated by the ClusterTrustBundleProjection + feature gate. + + + ClusterTrustBundle objects can either + be selected by name, or by the + + combination of signer name and a label + selector. + + + Kubelet performs aggressive normalization + of the PEM contents written + + into the pod filesystem. Esoteric PEM + features such as inter-block + + comments and block headers are stripped. Certificates + are deduplicated. + + The ordering of certificates within + the file is arbitrary, and Kubelet + + may change the order over time.' properties: labelSelector: - description: Select all ClusterTrustBundles + description: 'Select all ClusterTrustBundles that match this label selector. Only - has effect if signerName is set. Mutually-exclusive - with name. If unset, interpreted - as "match nothing". If set but - empty, interpreted as "match everything". + has + + effect if signerName is set. Mutually-exclusive + with name. If unset, + + interpreted as "match nothing". If + set but empty, interpreted as "match + + everything".' properties: matchExpressions: description: matchExpressions @@ -2661,11 +3566,12 @@ objects: requirements. The requirements are ANDed. items: - description: A label selector + description: 'A label selector requirement is a selector that contains values, a key, - and an operator that relates - the key and values. + and an operator that + + relates the key and values.' properties: key: description: key is the @@ -2673,70 +3579,91 @@ objects: applies to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists and DoesNotExist. + description: 'operator represents + a key''s relationship + to a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: values is an - array of string values. + description: 'values is + an array of string values. If the operator is In - or NotIn, the values array - must be non-empty. If - the operator is Exists - or DoesNotExist, the values - array must be empty. This - array is replaced during - a strategic merge patch. + or NotIn, + + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + + the values array must + be empty. This array is + replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a + description: 'matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key - field is "key", the operator - is "In", and the values array - contains only "value". The requirements - are ANDed. + field is "key", the + + operator is "In", and the values + array contains only "value". + The requirements are ANDed.' type: object type: object + x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle + description: 'Select a single ClusterTrustBundle by object name. Mutually-exclusive - with signerName and labelSelector. + + with signerName and labelSelector.' type: string optional: - description: If true, don't block + description: 'If true, don''t block pod startup if the referenced ClusterTrustBundle(s) - aren't available. If using name, + + aren''t available. If using name, then the named ClusterTrustBundle - is allowed not to exist. If using + is + + allowed not to exist. If using signerName, then the combination - of signerName and labelSelector - is allowed to match zero ClusterTrustBundles. + of + + signerName and labelSelector is + allowed to match zero + + ClusterTrustBundles.' type: boolean path: description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles - that match this signer name. Mutually-exclusive - with name. The contents of all - selected ClusterTrustBundles will - be unified and deduplicated. + description: 'Select all ClusterTrustBundles + that match this signer name. + + Mutually-exclusive with name. The + contents of all selected + + ClusterTrustBundles will be unified + and deduplicated.' type: string required: - path @@ -2746,21 +3673,30 @@ objects: the configMap data to project properties: items: - description: items if unspecified, + description: 'items if unspecified, each key-value pair in the Data - field of the referenced ConfigMap - will be projected into the volume - as a file whose name is the key - and content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the ConfigMap, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + field of the referenced + + ConfigMap will be projected into + the volume as a file whose name + is the + + key and content is the value. If + specified, the listed keys will + be + + projected into the specified paths, + and unlisted keys will not be + + present. If a key is specified which + is not present in the ConfigMap, + + the volume setup will error unless + it is marked optional. Paths must + be + + relative and may not contain the + ''..'' path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -2772,39 +3708,62 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + on this file. + + Must be an octal value between + 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: - description: path is the relative + description: 'path is the relative path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + key to. + + May not be an absolute path. + + May not contain the path element + ''..''. + + May not start with the string + ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional specify whether @@ -2812,6 +3771,7 @@ objects: defined type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: description: downwardAPI information about the downwardAPI data to project @@ -2827,8 +3787,8 @@ objects: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace - are supported.' + labels, name, namespace and + uid are supported.' properties: apiVersion: description: Version of @@ -2844,22 +3804,31 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this file, must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + value + + between 0000 and 0777 or a + decimal value between 0 and + 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: @@ -2875,10 +3844,11 @@ objects: resourceFieldRef: description: 'Selects a resource of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' + limits and requests + + (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' properties: containerName: description: 'Container @@ -2902,31 +3872,41 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret data to project properties: items: - description: items if unspecified, + description: 'items if unspecified, each key-value pair in the Data - field of the referenced Secret will - be projected into the volume as - a file whose name is the key and - content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the Secret, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + field of the referenced + + Secret will be projected into the + volume as a file whose name is the + + key and content is the value. If + specified, the listed keys will + be + + projected into the specified paths, + and unlisted keys will not be + + present. If a key is specified which + is not present in the Secret, + + the volume setup will error unless + it is marked optional. Paths must + be + + relative and may not contain the + ''..'' path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -2938,39 +3918,62 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + on this file. + + Must be an octal value between + 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: - description: path is the relative + description: 'path is the relative path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + key to. + + May not be an absolute path. + + May not contain the path element + ''..''. + + May not start with the string + ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional field specify @@ -2978,76 +3981,98 @@ objects: be defined type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended + description: 'audience is the intended audience of the token. A recipient - of a token must identify itself - with an identifier specified in - the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the - apiserver. + of a token + + must identify itself with an identifier + specified in the audience of the + + token, and otherwise should reject + the token. The audience defaults + to the + + identifier of the apiserver.' type: string expirationSeconds: - description: expirationSeconds is + description: 'expirationSeconds is the requested duration of validity - of the service account token. As - the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. - The kubelet will start trying to - rotate the token if the token is - older than 80 percent of its time - to live or if the token is older - than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. + of the service + + account token. As the token approaches + expiration, the kubelet volume + + plugin will proactively rotate the + service account token. The kubelet + will + + start trying to rotate the token + if the token is older than 80 percent + of + + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour + + and must be at least 10 minutes.' format: int64 type: integer path: - description: path is the path relative + description: 'path is the path relative to the mount point of the file to - project the token into. + project the + + token into.' type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group + description: 'group to map volume access to + + Default is no group' type: string readOnly: - description: readOnly here will force the Quobyte + description: 'readOnly here will force the Quobyte volume to be mounted with read-only permissions. - Defaults to false. + + Defaults to false.' type: boolean registry: - description: registry represents a single or - multiple Quobyte Registry services specified - as a string as host:port pair (multiple entries - are separated with commas) which acts as the - central registry for volumes + description: 'registry represents a single or + multiple Quobyte Registry services + + specified as a string as host:port pair (multiple + entries are separated with commas) + + which acts as the central registry for volumes' type: string tenant: - description: tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volumes, value is set - by the plugin + description: 'tenant owning the given Quobyte + volume in the Backend + + Used with dynamically provisioned Quobyte + volumes, value is set by the plugin' type: string user: - description: user to map volume access to Defaults - to serivceaccount user + description: 'user to map volume access to + + Defaults to serivceaccount user' type: string volume: description: volume is a string that references @@ -3060,57 +4085,93 @@ objects: rbd: description: 'rbd represents a Rados Block Device mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd' type: string image: description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: + default: /etc/ceph/keyring description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. + for RBDUser. + + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + monitors. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: rbd + description: 'pool is the rados pool name. + + Default is rbd. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + setting in VolumeMounts. + + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + secret for RBDUser. If provided + + overrides keyring. + + Default is nil. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: admin + description: 'user is the rados user name. + + Default is admin. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image @@ -3121,10 +4182,16 @@ objects: volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". + default: xfs + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". + + Default is "xfs".' type: string gateway: description: gateway is the host address of @@ -3136,31 +4203,45 @@ objects: storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. + description: 'secretRef references to the secret + for ScaleIO user and other + + sensitive information. If this is not provided, + Login operation will fail.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic sslEnabled: description: sslEnabled Flag enable/disable SSL communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. + default: ThinProvisioned + description: 'storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. + + Default is ThinProvisioned.' type: string storagePool: description: storagePool is the ScaleIO Storage @@ -3171,9 +4252,10 @@ objects: system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that - is associated with this volume source. + description: 'volumeName is the name of a volume + already created in the ScaleIO system + + that is associated with this volume source.' type: string required: - gateway @@ -3182,34 +4264,54 @@ objects: type: object secret: description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + populate this volume. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: description: 'defaultMode is Optional: mode bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values + + for mode bits. Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. + description: 'items If unspecified, each key-value + pair in the Data field of the referenced + + Secret will be projected into the volume as + a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the Secret, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -3220,38 +4322,50 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: 'path is the relative path + of the file to map the key to. + + May not be an absolute path. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: description: 'secretName is the name of the - secret in the pod''s namespace to use. More - info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + secret in the pod''s namespace to use. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: @@ -3259,45 +4373,69 @@ objects: attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: secretRef specifies the secret - to use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. + description: 'secretRef specifies the secret + to use for obtaining the StorageOS API + + credentials. If not specified, default values + will be attempted.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. + description: 'volumeName is the human-readable + name of the StorageOS volume. Volume + + names are only unique within a namespace.' type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will - be used. This allows the Kubernetes name - scoping to be mirrored within StorageOS for - tighter integration. Set VolumeName to any - name to override the default behaviour. Set - to "default" if you are not using namespaces - within StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. + description: 'volumeNamespace specifies the + scope of the volume within StorageOS. If + no + + namespace is specified then the Pod''s namespace + will be used. This allows the + + Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. + + Set VolumeName to any name to override the + default behaviour. + + Set to "default" if you are not using namespaces + within StorageOS. + + Namespaces that do not pre-exist within StorageOS + will be created.' type: string type: object vsphereVolume: @@ -3305,11 +4443,13 @@ objects: volume attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. + description: 'fsType is filesystem type to mount. + Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string storagePolicyID: description: storagePolicyID is the storage @@ -3337,24 +4477,34 @@ objects: format: int32 type: integer web: - description: If set to true, creates a service on the webPort - defined in the ClowdEnvironment resource, along with the - relevant liveness and readiness probes. + description: 'If set to true, creates a service on the webPort + defined in + + the ClowdEnvironment resource, along with the relevant liveness + and + + readiness probes.' type: boolean webServices: description: 'WebServices defines the structs for the three - exposed web services: public, private and metrics.' + exposed web services: public, + + private and metrics.' properties: metrics: - description: MetricsWebService is the definition of the - metrics web service. This is automatically enabled and - the configuration here at the moment is included for - completeness, as there are no configurable options. + description: 'MetricsWebService is the definition of the + metrics web service. This is automatically + + enabled and the configuration here at the moment is + included for completeness, as there + + are no configurable options.' type: object private: - description: PrivateWebService is the definition of the - private web service. There can be only one private service - managed by Clowder. + description: 'PrivateWebService is the definition of the + private web service. There can be only + + one private service managed by Clowder.' properties: appProtocol: description: AppProtocol determines the protocol to @@ -3372,15 +4522,17 @@ objects: - redis type: string enabled: - description: Enabled describes if Clowder should enable - the private service and provide the configuration - in the cdappconfig. + description: 'Enabled describes if Clowder should + enable the private service and provide the + + configuration in the cdappconfig.' type: boolean type: object public: - description: PublicWebService is the definition of the - public web service. There can be only one public service - managed by Clowder. + description: 'PublicWebService is the definition of the + public web service. There can be only + + one public service managed by Clowder.' properties: apiPath: description: (DEPRECATED, use apiPaths instead) Configures @@ -3399,9 +4551,10 @@ objects: type: string type: array enabled: - description: Enabled describes if Clowder should enable - the public service and provide the configuration - in the cdappconfig. + description: 'Enabled describes if Clowder should + enable the public service and provide the + + configuration in the cdappconfig.' type: boolean sessionAffinity: description: Set SessionAffinity to true to enable @@ -3424,30 +4577,43 @@ objects: description: Disabled turns off reconciliation for this ClowdApp type: boolean envName: - description: The name of the ClowdEnvironment resource that this - ClowdApp will use as its base. This does not mean that the ClowdApp - needs to be placed in the same directory as the targetNamespace - of the ClowdEnvironment. + description: 'The name of the ClowdEnvironment resource that this + ClowdApp will use as + + its base. This does not mean that the ClowdApp needs to be placed + in the + + same directory as the targetNamespace of the ClowdEnvironment.' type: string featureFlags: - description: If featureFlags is set to true, Clowder will pass configuration - of a FeatureFlags instance to the pods in the ClowdApp. This single - instance will be shared between all apps. + description: 'If featureFlags is set to true, Clowder will pass + configuration of a + + FeatureFlags instance to the pods in the ClowdApp. This single + + instance will be shared between all apps.' type: boolean inMemoryDb: - description: If inMemoryDb is set to true, Clowder will pass configuration + description: 'If inMemoryDb is set to true, Clowder will pass configuration + of an In Memory Database to the pods in the ClowdApp. This single - instance will be shared between all apps. + + instance will be shared between all apps.' type: boolean jobs: description: A list of jobs items: - description: Job defines a ClowdJob A Job struct will deploy as - a CronJob if `schedule` is set and will deploy as a Job if it - is not set. Unsupported fields will be dropped from Jobs + description: 'Job defines a ClowdJob + + A Job struct will deploy as a CronJob if `schedule` is set + + and will deploy as a Job if it is not set. Unsupported fields + + will be dropped from Jobs' properties: activeDeadlineSeconds: description: 'The activeDeadlineSeconds for the Job or CronJob. + More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/' format: int64 type: integer @@ -3456,24 +4622,31 @@ objects: format: int32 type: integer concurrencyPolicy: - description: Defines the concurrency policy for the CronJob, - defaults to Allow Only applies to Cronjobs + description: 'Defines the concurrency policy for the CronJob, + defaults to Allow + + Only applies to Cronjobs' type: string disabled: - description: Disabled allows a job to be disabled, as such, - the resource is not created on the system and cannot be - invoked with a CJI + description: 'Disabled allows a job to be disabled, as such, + the resource is not + + created on the system and cannot be invoked with a CJI' type: boolean failedJobsHistoryLimit: - description: The number of failed finished jobs to retain. - Value must be non-negative integer. Defaults to 1. Only - applies to Cronjobs + description: 'The number of failed finished jobs to retain. + Value must be non-negative integer. + + Defaults to 1. + + Only applies to Cronjobs' format: int32 type: integer name: - description: Name defines identifier of the Job. This name - will be used to name the CronJob resource, the container - will be name identically. + description: 'Name defines identifier of the Job. This name + will be used to name the + + CronJob resource, the container will be name identically.' type: string parallelism: description: Defines the parallelism of the job @@ -3507,16 +4680,29 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". + expanded + + using the previously defined environment variables + in the container and + + any service environment variables. If a variable + cannot be resolved, + + the reference in the input string will be unchanged. + Double $$ are reduced + + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". + Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults - to "".' + of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -3529,10 +4715,18 @@ objects: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -3541,12 +4735,14 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath @@ -3559,11 +4755,13 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + only resources limits and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -3585,6 +4783,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -3594,10 +4793,18 @@ objects: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret @@ -3606,6 +4813,7 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -3619,10 +4827,13 @@ objects: description: A list of init containers used to perform at-startup operations. items: - description: InitContainer is a struct defining a k8s - init container. This will be deployed along with the - parent pod and is used to carry out one time initialization - procedures. + description: 'InitContainer is a struct defining a k8s + init container. This will be + + deployed along with the parent pod and is used to + carry out one time + + initialization procedures.' properties: args: description: A list of args to be passed to the @@ -3649,17 +4860,29 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and + are expanded + + using the previously defined environment + variables in the container and + any service environment variables. If a - variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Defaults to "".' + "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -3672,10 +4895,20 @@ objects: description: The key to select. type: string name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -3684,10 +4917,12 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' properties: @@ -3703,12 +4938,14 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: only resources limits and - requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -3731,6 +4968,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -3741,10 +4979,20 @@ objects: secret key. type: string name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret @@ -3753,19 +5001,23 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array image: - description: Image refers to the container image - used to create the init container (if different - from the primary pod image). + description: 'Image refers to the container image + used to create the init container + + (if different from the primary pod image).' type: string inheritEnv: - description: If true, inheirts the environment variables - from the parent pod. specification + description: 'If true, inheirts the environment + variables from the parent pod. + + specification' type: boolean name: description: Name gives an identifier in the situation @@ -3779,37 +5031,51 @@ objects: properties: postStart: description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according - to its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + a container is created. If the handler fails, + + the container is terminated and restarted according + to its restart policy. + + Other management of the container blocks until the + hook completes. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. + description: 'Command is the command line + to execute inside the container, the working + directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, + it is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To + use + + a shell, you need to explicitly call out + to that shell. + Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults + description: 'Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the @@ -3819,10 +5085,11 @@ objects: header to be used in HTTP probes properties: name: - description: The header field name. + description: 'The header field name. + This will be canonicalized upon output, so case-variant names will be understood - as the same header. + as the same header.' type: string value: description: The header field value @@ -3832,6 +5099,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3839,14 +5107,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Name or number of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port @@ -3864,11 +5136,14 @@ objects: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: 'Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept + + for the backward compatibility. There are no + validation of this field and + + lifecycle hooks will fail in runtime when tcp + handler is specified.' properties: host: description: 'Optional: Host name to connect @@ -3878,10 +5153,12 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Number or name of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -3889,45 +5166,65 @@ objects: type: object preStop: description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. The - handler is not called if the container crashes or - exits. The Pod''s termination grace period countdown - begins before the PreStop hook is executed. Regardless - of the outcome of the handler, the container will - eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other - management of the container blocks until the hook - completes or until the termination grace period - is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + a container is terminated due to an + + API request or management event such as liveness/startup + probe failure, + + preemption, resource contention, etc. The handler + is not called if the + + container crashes or exits. The Pod''s termination + grace period countdown begins before the + + PreStop hook is executed. Regardless of the outcome + of the handler, the + + container will eventually terminate within the Pod''s + termination grace + + period (unless delayed by finalizers). Other management + of the container blocks until the hook completes + + or until the termination grace period is reached. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. + description: 'Command is the command line + to execute inside the container, the working + directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, + it is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To + use + + a shell, you need to explicitly call out + to that shell. + Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults + description: 'Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the @@ -3937,10 +5234,11 @@ objects: header to be used in HTTP probes properties: name: - description: The header field name. + description: 'The header field name. + This will be canonicalized upon output, so case-variant names will be understood - as the same header. + as the same header.' type: string value: description: The header field value @@ -3950,6 +5248,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3957,14 +5256,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Name or number of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port @@ -3982,11 +5285,14 @@ objects: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: 'Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept + + for the backward compatibility. There are no + validation of this field and + + lifecycle hooks will fail in runtime when tcp + handler is specified.' properties: host: description: 'Optional: Host name to connect @@ -3996,10 +5302,12 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Number or name of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -4007,32 +5315,47 @@ objects: type: object type: object livenessProbe: - description: A pass-through of a Liveness Probe specification - in standard k8s format. If omitted, a standard probe - will be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: 'A pass-through of a Liveness Probe specification + in standard k8s format. + + If omitted, a standard probe will be setup point to + the webPort defined + + in the ClowdEnvironment and a path of /healthz. Ignored + if Web is set to + + false.' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute + description: 'Command is the command line to execute inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, it + is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To use + + a shell, you need to explicitly call out to + that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the + description: 'Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -4045,11 +5368,15 @@ objects: format: int32 type: integer service: - description: "Service is the name of the service\ - \ to place in the gRPC HealthCheckRequest (see\ - \ https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\ - \ \n If this is not specified, the default behavior\ - \ is defined by gRPC." + default: '' + description: 'Service is the name of the service + to place in the gRPC HealthCheckRequest + + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior + is defined by gRPC.' type: string required: - port @@ -4059,9 +5386,10 @@ objects: perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: 'Host name to connect to, defaults + to the pod IP. You probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the request. @@ -4071,10 +5399,11 @@ objects: to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: 'The header field name. + + This will be canonicalized upon output, + so case-variant names will be understood + as the same header.' type: string value: description: The header field value @@ -4084,6 +5413,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4091,13 +5421,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Name or number of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: 'Scheme to use for connecting to + the host. + + Defaults to HTTP.' type: string required: - port @@ -4105,19 +5440,23 @@ objects: initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to perform the + probe. + + Default to 10 seconds. Minimum value is 1.' format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the + description: 'Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. + Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -4132,35 +5471,53 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Number or name of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod + description: 'Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by the pod spec. + + Value must be non-negative integer. The value zero + indicates stop immediately via + + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + times out. + + Defaults to 1 second. Minimum value is 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -4178,32 +5535,47 @@ objects: type: object type: object readinessProbe: - description: A pass-through of a Readiness Probe specification - in standard k8s format. If omitted, a standard probe - will be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: 'A pass-through of a Readiness Probe specification + in standard k8s format. + + If omitted, a standard probe will be setup point to + the webPort defined + + in the ClowdEnvironment and a path of /healthz. Ignored + if Web is set to + + false.' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute + description: 'Command is the command line to execute inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, it + is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To use + + a shell, you need to explicitly call out to + that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the + description: 'Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -4216,11 +5588,15 @@ objects: format: int32 type: integer service: - description: "Service is the name of the service\ - \ to place in the gRPC HealthCheckRequest (see\ - \ https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\ - \ \n If this is not specified, the default behavior\ - \ is defined by gRPC." + default: '' + description: 'Service is the name of the service + to place in the gRPC HealthCheckRequest + + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior + is defined by gRPC.' type: string required: - port @@ -4230,9 +5606,10 @@ objects: perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: 'Host name to connect to, defaults + to the pod IP. You probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the request. @@ -4242,10 +5619,11 @@ objects: to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: 'The header field name. + + This will be canonicalized upon output, + so case-variant names will be understood + as the same header.' type: string value: description: The header field value @@ -4255,6 +5633,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4262,13 +5641,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Name or number of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: 'Scheme to use for connecting to + the host. + + Defaults to HTTP.' type: string required: - port @@ -4276,19 +5660,23 @@ objects: initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to perform the + probe. + + Default to 10 seconds. Minimum value is 1.' format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the + description: 'Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. + Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -4303,60 +5691,100 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Number or name of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod + description: 'Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by the pod spec. + + Value must be non-negative integer. The value zero + indicates stop immediately via + + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + times out. + + Defaults to 1 second. Minimum value is 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object resources: - description: A pass-through of a resource requirements - in k8s ResourceRequirements format. If omitted, the - default resource requirements from the ClowdEnvironment - will be used. + description: 'A pass-through of a resource requirements + in k8s ResourceRequirements + + format. If omitted, the default resource requirements + from the + + ClowdEnvironment will be used.' properties: claims: - description: "Claims lists the names of resources,\ - \ defined in spec.resourceClaims, that are used\ - \ by this container. \n This is an alpha field and\ - \ requires enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable. It can\ - \ only be set for containers." + description: 'Claims lists the names of resources, + defined in spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for + containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. + description: 'Name must match the name of one + entry in pod.spec.resourceClaims of + + the Pod where this field is used. It makes + that resource available + + inside a container.' + type: string + request: + description: 'Request is the name chosen for + a request in the referenced claim. + + If empty, everything from the claim is made + available, otherwise + + only the result of this request.' type: string required: - name @@ -4373,7 +5801,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -4383,11 +5813,15 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources required. + + If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, + + otherwise to an implementation-defined value. Requests + cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sidecars: @@ -4409,8 +5843,10 @@ objects: type: object type: array terminationGracePeriodSeconds: - description: A pass-through of TerminationGracePeriodSeconds - specification in standard k8s format default is 30 seconds + description: 'A pass-through of TerminationGracePeriodSeconds + specification in standard k8s format + + default is 30 seconds' format: int64 type: integer volumeMounts: @@ -4421,36 +5857,90 @@ objects: within a container. properties: mountPath: - description: Path within the container at which - the volume should be mounted. Must not contain - ':'. + description: 'Path within the container at which + the volume should be mounted. Must + + not contain '':''.' type: string mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + description: 'mountPropagation determines how mounts + are propagated from the host + + to container and the other way around. + + When not set, MountPropagationNone is used. + + This field is beta in 1.10. + + When RecursiveReadOnly is set to IfPossible or + to Enabled, MountPropagation must be None or unspecified + + (which defaults to None).' type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. + description: 'Mounted read-only if true, read-write + otherwise (false or unspecified). + + Defaults to false.' type: boolean + recursiveReadOnly: + description: 'RecursiveReadOnly specifies whether + read-only mounts should be handled + + recursively. + + + If ReadOnly is false, this field has no meaning + and must be unspecified. + + + If ReadOnly is true, and this field is set to + Disabled, the mount is not made + + recursively read-only. If this field is set to + IfPossible, the mount is made + + recursively read-only, if it is supported by the + container runtime. If this + + field is set to Enabled, the mount is made recursively + read-only if it is + + supported by the container runtime, otherwise + the pod will not be started and + + an error will be generated to indicate the reason. + + + If this field is set to IfPossible or Enabled, + MountPropagation must be set to + + None (or be unspecified, which defaults to None). + + + If this field is not specified, it is treated + as an equivalent of Disabled.' + type: string subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults - to "" (volume's root). + description: 'Path within the volume from which + the container''s volume should be mounted. + + Defaults to "" (volume''s root).' type: string subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. + description: 'Expanded path within the volume from + which the container''s volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the - container's environment. Defaults to "" (volume's - root). SubPathExpr and SubPath are mutually exclusive. + container''s environment. + + Defaults to "" (volume''s root). + + SubPathExpr and SubPath are mutually exclusive.' type: string required: - mountPath @@ -4466,38 +5956,49 @@ objects: properties: awsElasticBlockStore: description: 'awsElasticBlockStore represents an - AWS Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + AWS Disk resource that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string partition: description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' + the volume that you want to mount. + + If omitted, the default is to mount by volume + name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: description: 'readOnly value true will force - the readOnly setting in VolumeMounts. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + the readOnly setting in VolumeMounts. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: description: 'volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: @@ -4520,11 +6021,14 @@ objects: in the blob storage type: string fsType: - description: fsType is Filesystem type to mount. + default: ext4 + description: 'fsType is Filesystem type to mount. + Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string kind: description: 'kind expected values are Shared: @@ -4534,9 +6038,11 @@ objects: set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + default: false + description: 'readOnly Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean required: - diskName @@ -4548,9 +6054,10 @@ objects: pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretName: description: secretName is the name of secret @@ -4570,11 +6077,13 @@ objects: properties: monitors: description: 'monitors is Required: Monitors - is a collection of Ceph monitors More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + is a collection of Ceph monitors + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, @@ -4583,30 +6092,47 @@ objects: readOnly: description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts. + force + + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: description: 'secretFile is Optional: SecretFile is the path to key ring for User, default - is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + is /etc/ceph/user.secret + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: description: 'secretRef is Optional: SecretRef is reference to the authentication secret - for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + for User, default is empty. + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic user: description: 'user is optional: User is the - rados user name, default is admin More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + rados user name, default is admin + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors @@ -4614,35 +6140,57 @@ objects: cinder: description: 'cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + to mount. + + Must be a filesystem type supported by the + host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + ReadOnly here will force + + the ReadOnly setting in VolumeMounts. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: description: 'secretRef is optional: points to a secret object containing parameters used - to connect to OpenStack.' + to connect + + to OpenStack.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic volumeID: description: 'volumeID used to identify the - volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + volume in cinder. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID @@ -4654,29 +6202,47 @@ objects: defaultMode: description: 'defaultMode is optional: mode bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, the - volume setup will error unless it is marked - optional. Paths must be relative and may not - contain the '..' path or start with '..'. + description: 'items if unspecified, each key-value + pair in the Data field of the referenced + + ConfigMap will be projected into the volume + as a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the ConfigMap, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -4687,87 +6253,129 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: 'path is the relative path + of the file to map the key to. + + May not be an absolute path. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but due + to backwards compatibility is + + allowed to be empty. Instances of this type + with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object + x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. + description: 'driver is the name of the CSI + driver that handles this volume. + + Consult with your admin for the correct name + as registered in the cluster.' type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which - will determine the default filesystem to apply. + description: 'fsType to mount. Ex. "ext4", "xfs", + "ntfs". + + If not provided, the empty value is passed + to the associated CSI driver + + which will determine the default filesystem + to apply.' type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive - information to pass to the CSI driver to complete - the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may be - empty if no secret is required. If the secret - object contains more than one secret, all - secret references are passed. + description: 'nodePublishSecretRef is a reference + to the secret object containing + + sensitive information to pass to the CSI driver + to complete the CSI + + NodePublishVolume and NodeUnpublishVolume + calls. + + This field is optional, and may be empty + if no secret is required. If the + + secret object contains more than one secret, + all secret references are passed.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only - configuration for the volume. Defaults to - false (read/write). + description: 'readOnly specifies a read-only + configuration for the volume. + + Defaults to false (read/write).' type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. + description: 'volumeAttributes stores driver-specific + properties that are passed to the CSI + + driver. Consult your driver''s documentation + for supported values.' type: object required: - driver @@ -4778,17 +6386,27 @@ objects: properties: defaultMode: description: 'Optional: mode bits to use on - created files by default. Must be a Optional: - mode bits used to set permissions on created - files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + created files by default. Must be a + + Optional: mode bits used to set permissions + on created files by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: @@ -4802,7 +6420,7 @@ objects: fieldRef: description: 'Required: Selects a field of the pod: only annotations, labels, - name and namespace are supported.' + name, namespace and uid are supported.' properties: apiVersion: description: Version of the schema @@ -4816,19 +6434,27 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this file, must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. + be an octal value + + between 0000 and 0777 or a decimal value + between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values - for mode bits. If not specified, the - volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set.' + for mode bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: @@ -4842,9 +6468,10 @@ objects: resourceFieldRef: description: 'Selects a resource of the container: only resources limits and - requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) are - currently supported.' + requests + + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' properties: containerName: description: 'Container name: required @@ -4866,21 +6493,29 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + that shares a pod''s lifetime. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: description: 'medium represents what type of storage medium should back this directory. + The default is "" which means to use the node''s - default medium. Must be an empty string (default) - or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + default medium. + + Must be an empty string (default) or Memory. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: @@ -4888,114 +6523,173 @@ objects: - type: string description: 'sizeLimit is the total amount of local storage required for this EmptyDir - volume. The size limit is also applicable - for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value - between the SizeLimit specified here and the - sum of memory limits of all containers in - a pod. The default is nil which means that - the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + volume. + + The size limit is also applicable for memory + medium. + + The maximum usage on memory medium EmptyDir + would be the minimum value between + + the SizeLimit specified here and the sum of + memory limits of all containers in a pod. + + The default is nil which means that the limit + is undefined. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: description: "ephemeral represents a volume that\ - \ is handled by a cluster storage driver. The\ + \ is handled by a cluster storage driver.\nThe\ \ volume's lifecycle is tied to the pod that defines\ - \ it - it will be created before the pod starts,\ - \ and deleted when the pod is removed. \n Use\ - \ this if: a) the volume is only needed while\ - \ the pod runs, b) features of normal volumes\ - \ like restoring from snapshot or capacity tracking\ - \ are needed, c) the storage driver is specified\ - \ through a storage class, and d) the storage\ + \ it - it will be created before the pod starts,\n\ + and deleted when the pod is removed.\n\nUse this\ + \ if:\na) the volume is only needed while the\ + \ pod runs,\nb) features of normal volumes like\ + \ restoring from snapshot or capacity\n tracking\ + \ are needed,\nc) the storage driver is specified\ + \ through a storage class, and\nd) the storage\ \ driver supports dynamic volume provisioning\ - \ through a PersistentVolumeClaim (see EphemeralVolumeSource\ - \ for more information on the connection between\ - \ this volume type and PersistentVolumeClaim).\ - \ \n Use PersistentVolumeClaim or one of the vendor-specific\ - \ APIs for volumes that persist for longer than\ - \ the lifecycle of an individual pod. \n Use CSI\ - \ for light-weight local ephemeral volumes if\ - \ the CSI driver is meant to be used that way\ - \ - see the documentation of the driver for more\ - \ information. \n A pod can use both types of\ - \ ephemeral volumes and persistent volumes at\ - \ the same time." + \ through\n a PersistentVolumeClaim (see EphemeralVolumeSource\ + \ for more\n information on the connection between\ + \ this volume type\n and PersistentVolumeClaim).\n\ + \nUse PersistentVolumeClaim or one of the vendor-specific\n\ + APIs for volumes that persist for longer than\ + \ the lifecycle\nof an individual pod.\n\nUse\ + \ CSI for light-weight local ephemeral volumes\ + \ if the CSI driver is meant to\nbe used that\ + \ way - see the documentation of the driver for\n\ + more information.\n\nA pod can use both types\ + \ of ephemeral volumes and\npersistent volumes\ + \ at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone\ - \ PVC to provision the volume. The pod in\ - \ which this EphemeralVolumeSource is embedded\ - \ will be the owner of the PVC, i.e. the PVC\ - \ will be deleted together with the pod. \ - \ The name of the PVC will be `-` where `` is the name\ - \ from the `PodSpec.Volumes` array entry.\ - \ Pod validation will reject the pod if the\ - \ concatenated name is not valid for a PVC\ - \ (for example, too long). \n An existing\ - \ PVC with that name that is not owned by\ - \ the pod will *not* be used for the pod to\ - \ avoid using an unrelated volume by mistake.\ - \ Starting the pod is then blocked until the\ - \ unrelated PVC is removed. If such a pre-created\ - \ PVC is meant to be used by the pod, the\ - \ PVC has to updated with an owner reference\ - \ to the pod once the pod exists. Normally\ - \ this should not be necessary, but it may\ - \ be useful when manually reconstructing a\ - \ broken cluster. \n This field is read-only\ - \ and no changes will be made by Kubernetes\ - \ to the PVC after it has been created. \n\ - \ Required, must not be nil." + description: 'Will be used to create a stand-alone + PVC to provision the volume. + + The pod in which this EphemeralVolumeSource + is embedded will be the + + owner of the PVC, i.e. the PVC will be deleted + together with the + + pod. The name of the PVC will be `-` where + + `` is the name from the `PodSpec.Volumes` + array + + entry. Pod validation will reject the pod + if the concatenated name + + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not + owned by the pod + + will *not* be used for the pod to avoid using + an unrelated + + volume by mistake. Starting the pod is then + blocked until + + the unrelated PVC is removed. If such a pre-created + PVC is + + meant to be used by the pod, the PVC has to + updated with an + + owner reference to the pod once the pod exists. + Normally + + this should not be necessary, but it may be + useful when + + manually reconstructing a broken cluster. + + + This field is read-only and no changes will + be made by Kubernetes + + to the PVC after it has been created. + + + Required, must not be nil.' properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when - creating it. No other fields are allowed - and will be rejected during validation. + description: 'May contain labels and annotations + that will be copied into the PVC + + when creating it. No other fields are + allowed and will be rejected during + + validation.' type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged - into the PVC that gets created from this + description: 'The specification for the + PersistentVolumeClaim. The entire content + is + + copied unchanged into the PVC that gets + created from this + template. The same fields as in a PersistentVolumeClaim - are also valid here. + + are also valid here.' properties: accessModes: description: 'accessModes contains the desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + have. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + used to specify either: + + * An existing VolumeSnapshot object + (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified - data source, it will create a new - volume based on the contents of the - specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource - contents will be copied to dataSourceRef, + data source, + + it will create a new volume based + on the contents of the specified data + source. + + When the AnyVolumeDataSource feature + gate is enabled, dataSource contents + will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace - is specified, then dataSourceRef will - not be copied to dataSource.' + is not specified. + + If the namespace is specified, then + dataSourceRef will not be copied to + dataSource.' properties: apiGroup: - description: APIGroup is the group + description: 'APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + the core API group. + + For any other third-party types, + APIGroup is required.' type: string kind: description: Kind is the type of @@ -5009,58 +6703,62 @@ objects: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate - the volume with data, if a non-empty - volume is desired. This may be any - object from a non-empty API group - (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if - the type of the specified object matches - some installed volume populator or - dynamic provisioner. This field will - replace the functionality of the dataSource - field and as such if both fields are - non-empty, they must have the same - value. For backwards compatibility, - when namespace isn''t specified in - dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to - the same value automatically if one - of them is empty and the other is - non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be - empty. There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two - specific types of objects, dataSourceRef - allows any non-core object, as well - as PersistentVolumeClaim objects. - * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is - specified. * While dataSource only - allows local objects, dataSourceRef - allows objects in any namespaces. - (Beta) Using this field requires the - AnyVolumeDataSource feature gate to - be enabled. (Alpha) Using the namespace - field of dataSourceRef requires the - CrossNamespaceVolumeDataSource feature - gate to be enabled.' + description: "dataSourceRef specifies\ + \ the object from which to populate\ + \ the volume with data, if a non-empty\n\ + volume is desired. This may be any\ + \ object from a non-empty API group\ + \ (non\ncore object) or a PersistentVolumeClaim\ + \ object.\nWhen this field is specified,\ + \ volume binding will only succeed\ + \ if the type of\nthe specified object\ + \ matches some installed volume populator\ + \ or dynamic\nprovisioner.\nThis field\ + \ will replace the functionality of\ + \ the dataSource field and as such\n\ + if both fields are non-empty, they\ + \ must have the same value. For backwards\n\ + compatibility, when namespace isn't\ + \ specified in dataSourceRef,\nboth\ + \ fields (dataSource and dataSourceRef)\ + \ will be set to the same\nvalue automatically\ + \ if one of them is empty and the\ + \ other is non-empty.\nWhen namespace\ + \ is specified in dataSourceRef,\n\ + dataSource isn't set to the same value\ + \ and must be empty.\nThere are three\ + \ important differences between dataSource\ + \ and dataSourceRef:\n* While dataSource\ + \ only allows two specific types of\ + \ objects, dataSourceRef\n allows\ + \ any non-core object, as well as\ + \ PersistentVolumeClaim objects.\n\ + * While dataSource ignores disallowed\ + \ values (dropping them), dataSourceRef\n\ + \ preserves all values, and generates\ + \ an error if a disallowed value is\n\ + \ specified.\n* While dataSource\ + \ only allows local objects, dataSourceRef\ + \ allows objects\n in any namespaces.\n\ + (Beta) Using this field requires the\ + \ AnyVolumeDataSource feature gate\ + \ to be enabled.\n(Alpha) Using the\ + \ namespace field of dataSourceRef\ + \ requires the CrossNamespaceVolumeDataSource\ + \ feature gate to be enabled." properties: apiGroup: - description: APIGroup is the group + description: 'APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + the core API group. + + For any other third-party types, + APIGroup is required.' type: string kind: description: Kind is the type of @@ -5071,17 +6769,20 @@ objects: resource being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant + description: 'Namespace is the namespace + of resource being referenced + + Note that when a namespace is + specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent - namespace to allow that namespace's + namespace to allow that namespace''s owner to accept the reference. See the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. + for details. + + (Alpha) This field requires the + CrossNamespaceVolumeDataSource + feature gate to be enabled.' type: string required: - kind @@ -5090,13 +6791,19 @@ objects: resources: description: 'resources represents the minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but - must still be higher than capacity - recorded in the status field of the - claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + have. + + If RecoverVolumeExpansionFailure feature + is enabled users are allowed to specify + resource requirements + + that are lower than previous value + but must still be higher than capacity + recorded in the + + status field of the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -5107,7 +6814,9 @@ objects: x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -5118,12 +6827,16 @@ objects: x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute - resources required. If Requests - is omitted for a container, it - defaults to Limits if that is - explicitly specified, otherwise - to an implementation-defined value. - Requests cannot exceed Limits. + resources required. + + If Requests is omitted for a container, + it defaults to Limits if that + is explicitly specified, + + otherwise to an implementation-defined + value. Requests cannot exceed + Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object @@ -5136,11 +6849,12 @@ objects: a list of label selector requirements. The requirements are ANDed. items: - description: A label selector + description: 'A label selector requirement is a selector that contains values, a key, and - an operator that relates the - key and values. + an operator that + + relates the key and values.' properties: key: description: key is the label @@ -5148,83 +6862,112 @@ objects: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: 'operator represents + a key''s relationship to + a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: values is an + description: 'values is an array of string values. If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, + NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + the values array must be empty. This array is replaced - during a strategic merge - patch. + during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map + description: 'matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + field is "key", the + + operator is "In", and the values + array contains only "value". The + requirements are ANDed.' type: object type: object + x-kubernetes-map-type: atomic storageClassName: description: 'storageClassName is the name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + by the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass - used by this claim. If specified, - the CSI driver will create or update - the volume with the attributes defined + used by this claim. + + If specified, the CSI driver will + create or update the volume with the + attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than - storageClassName, it can be changed - after the claim is created. An empty - string value means that no VolumeAttributesClass + storageClassName, + + it can be changed after the claim + is created. An empty string value + means that no VolumeAttributesClass + will be applied to the claim but it''s not allowed to reset this field to - empty string once it is set. If unspecified - and the PersistentVolumeClaim is unbound, - the default VolumeAttributesClass + empty string once it is set. + + If unspecified and the PersistentVolumeClaim + is unbound, the default VolumeAttributesClass + will be set by the persistentvolume - controller if it exists. If the resource - referred to by volumeAttributesClass + controller if it exists. + + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim - will be set to a Pending state, as - reflected by the modifyVolumeStatus - field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires - the VolumeAttributesClass feature - gate to be enabled.' + will be + + set to a Pending state, as reflected + by the modifyVolumeStatus field, until + such as a resource + + exists. + + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + + (Beta) Using this field requires the + VolumeAttributesClass feature gate + to be enabled (off by default).' type: string volumeMode: - description: volumeMode defines what + description: 'volumeMode defines what type of volume is required by the - claim. Value of Filesystem is implied - when not included in claim spec. + claim. + + Value of Filesystem is implied when + not included in claim spec.' type: string volumeName: description: volumeName is the binding @@ -5243,11 +6986,13 @@ objects: properties: fsType: description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string lun: description: 'lun is Optional: FC target lun @@ -5257,7 +7002,9 @@ objects: readOnly: description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + force + + the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target @@ -5265,30 +7012,37 @@ objects: items: type: string type: array + x-kubernetes-list-type: atomic wwids: description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not - both simultaneously.' + wide identifiers (wwids) + + Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an - exec based plugin. + description: 'flexVolume represents a generic volume + resource that is + + provisioned/attached using an exec based plugin.' properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends - on FlexVolume script. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script.' type: string options: additionalProperties: @@ -5299,24 +7053,41 @@ objects: readOnly: description: 'readOnly is Optional: defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: description: 'secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' + scripts. This may be + + empty if no secret object is specified. If + the secret object + + contains more than one secret, all secrets + are passed to the plugin + + scripts.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -5326,9 +7097,11 @@ objects: on the Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset + description: 'datasetName is Name of the dataset stored as metadata -> name on the dataset - for Flocker should be considered as deprecated + for Flocker + + should be considered as deprecated' type: string datasetUUID: description: datasetUUID is the UUID of the @@ -5338,38 +7111,54 @@ objects: type: object gcePersistentDisk: description: 'gcePersistentDisk represents a GCE - Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + Disk resource that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' + volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string partition: description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + the volume that you want to mount. + + If omitted, the default is to mount by volume + name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty). + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: description: 'pdName is unique name of the PD resource in GCE. Used to identify the disk - in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + in GCE. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + setting in VolumeMounts. + + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: @@ -5377,19 +7166,29 @@ objects: type: object gitRepo: description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated. To provision a container with a - git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the - EmptyDir into the Pod''s container.' + at a particular revision. + + DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an + + EmptyDir into an InitContainer that clones the + repo using git, then mount the EmptyDir + + into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will - be the git repository. Otherwise, if specified, + description: 'directory is the target directory + name. + + Must not contain or start with ''..''. If + ''.'' is supplied, the volume directory will + be the + + git repository. Otherwise, if specified, the volume will contain the git repository - in the subdirectory with the given name. + in + + the subdirectory with the given name.' type: string repository: description: repository is the URL @@ -5403,22 +7202,28 @@ objects: type: object glusterfs: description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' + on the host that shares a pod''s lifetime. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: description: 'endpoints is the endpoint name - that details Glusterfs topology. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + that details Glusterfs topology. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: description: 'readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + + Defaults to false. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints @@ -5426,31 +7231,139 @@ objects: type: object hostPath: description: 'hostPath represents a pre-existing - file or directory on the host machine that is - directly exposed to the container. This is generally + file or directory on the host + + machine that is directly exposed to the container. + This is generally + used for system agents or other privileged things - that are allowed to see the host machine. Most - containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can - use host directory mounts and who can/can not - mount host directories as read/write.' + that are allowed + + to see the host machine. Most containers will + NOT need this. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' properties: path: description: 'path of the directory on the host. + If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + link to the real path. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: 'type for HostPath Volume + + Defaults to "" + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object + image: + description: 'image represents an OCI object (a + container image or artifact) pulled and mounted + on the kubelet''s host machine. + + The volume is resolved at pod startup depending + on which PullPolicy value is provided: + + + - Always: the kubelet always attempts to pull + the reference. Container creation will fail If + the pull fails. + + - Never: the kubelet never pulls the reference + and only uses a local image or artifact. Container + creation will fail if the reference isn''t present. + + - IfNotPresent: the kubelet pulls if the reference + isn''t already present on disk. Container creation + will fail if the reference isn''t present and + the pull fails. + + + The volume gets re-resolved if the pod gets deleted + and recreated, which means that new remote content + will become available on pod recreation. + + A failure to resolve or pull the image during + pod startup will block containers from starting + and may add significant latency. Failures will + be retried using normal volume backoff and will + be reported on the pod reason and message. + + The types of objects that may be mounted by this + volume are defined by the container runtime implementation + on a host machine and at minimum must include + all valid types supported by the container image + field. + + The OCI object gets mounted in a single directory + (spec.containers[*].volumeMounts.mountPath) by + merging the manifest layers in the same way as + for container images. + + The volume will be mounted read-only (ro) and + non-executable files (noexec). + + Sub path mounts for containers are not supported + (spec.containers[*].volumeMounts.subpath). + + The field spec.securityContext.fsGroupChangePolicy + has no effect on this volume type.' + properties: + pullPolicy: + description: 'Policy for pulling OCI objects. + Possible values are: + + Always: the kubelet always attempts to pull + the reference. Container creation will fail + If the pull fails. + + Never: the kubelet never pulls the reference + and only uses a local image or artifact. Container + creation will fail if the reference isn''t + present. + + IfNotPresent: the kubelet pulls if the reference + isn''t already present on disk. Container + creation will fail if the reference isn''t + present and the pull fails. + + Defaults to Always if :latest tag is specified, + or IfNotPresent otherwise.' + type: string + reference: + description: 'Required: Image or artifact reference + to be used. + + Behaves in the same way as pod.spec.containers[*].image. + + Pull secrets will be assembled in the same + way as for the container image by looking + up node credentials, SA image pull secrets, + and pod spec image pull secrets. + + More info: https://kubernetes.io/docs/concepts/containers/images + + This field is optional to allow higher level + config management to default or override + + container images in workload controllers like + Deployments and StatefulSets.' + type: string + type: object iscsi: description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether @@ -5462,29 +7375,36 @@ objects: type: boolean fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. + description: 'initiatorName is the custom iSCSI + Initiator Name. + + If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface + + : will be created + for the connection.' type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface - Name that uses an iSCSI transport. Defaults - to 'default' (tcp). + default: default + description: 'iscsiInterface is the interface + Name that uses an iSCSI transport. + + Defaults to ''default'' (tcp).' type: string lun: description: lun represents iSCSI Target Lun @@ -5492,33 +7412,49 @@ objects: format: int32 type: integer portals: - description: portals is the iSCSI Target Portal + description: 'portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + if the port + + is other than default (typically TCP ports + 860 and 3260).' items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. + + Defaults to false.' type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. + description: 'targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + if the port + + is other than default (typically TCP ports + 860 and 3260).' type: string required: - iqn @@ -5526,26 +7462,37 @@ objects: - targetPortal type: object name: - description: 'name of the volume. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: 'name of the volume. + + Must be a DNS_LABEL and unique within the pod. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string nfs: description: 'nfs represents an NFS mount on the - host that shares a pod''s lifetime More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' + host that shares a pod''s lifetime + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: description: 'readOnly here will force the NFS export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + + Defaults to false. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + of the NFS server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path @@ -5553,17 +7500,24 @@ objects: type: object persistentVolumeClaim: description: 'persistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + represents a reference to a + + PersistentVolumeClaim in the same namespace. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + volume. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. + description: 'readOnly Will force the ReadOnly + setting in VolumeMounts. + + Default false.' type: boolean required: - claimName @@ -5574,11 +7528,14 @@ objects: host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string pdID: description: pdID is the ID that identifies @@ -5592,16 +7549,20 @@ objects: volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs". Implicitly inferred to be "ext4" if - unspecified. + description: 'fSType represents the filesystem + type to mount + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs". Implicitly inferred to + be "ext4" if unspecified.' type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean volumeID: description: volumeID uniquely identifies a @@ -5615,51 +7576,83 @@ objects: secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. + description: 'defaultMode are the mode bits + used to set permissions on created files by + default. + Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. Directories - within the path are not affected by this setting. + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set. + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer sources: - description: sources is the list of volume projections + description: 'sources is the list of volume + projections. Each entry in this list + + handles one source.' items: - description: Projection that may be projected - along with other supported volume types + description: 'Projection that may be projected + along with other supported volume types. + + Exactly one of these fields must be set.' properties: clusterTrustBundle: - description: "ClusterTrustBundle allows\ - \ a pod to access the `.spec.trustBundle`\ - \ field of ClusterTrustBundle objects\ - \ in an auto-updating file. \n Alpha,\ - \ gated by the ClusterTrustBundleProjection\ - \ feature gate. \n ClusterTrustBundle\ - \ objects can either be selected by\ - \ name, or by the combination of signer\ - \ name and a label selector. \n Kubelet\ - \ performs aggressive normalization\ - \ of the PEM contents written into the\ - \ pod filesystem. Esoteric PEM features\ - \ such as inter-block comments and block\ - \ headers are stripped. Certificates\ - \ are deduplicated. The ordering of\ - \ certificates within the file is arbitrary,\ - \ and Kubelet may change the order over\ - \ time." + description: 'ClusterTrustBundle allows + a pod to access the `.spec.trustBundle` + field + + of ClusterTrustBundle objects in an + auto-updating file. + + + Alpha, gated by the ClusterTrustBundleProjection + feature gate. + + + ClusterTrustBundle objects can either + be selected by name, or by the + + combination of signer name and a label + selector. + + + Kubelet performs aggressive normalization + of the PEM contents written + + into the pod filesystem. Esoteric PEM + features such as inter-block + + comments and block headers are stripped. Certificates + are deduplicated. + + The ordering of certificates within + the file is arbitrary, and Kubelet + + may change the order over time.' properties: labelSelector: - description: Select all ClusterTrustBundles + description: 'Select all ClusterTrustBundles that match this label selector. Only - has effect if signerName is set. Mutually-exclusive - with name. If unset, interpreted - as "match nothing". If set but - empty, interpreted as "match everything". + has + + effect if signerName is set. Mutually-exclusive + with name. If unset, + + interpreted as "match nothing". If + set but empty, interpreted as "match + + everything".' properties: matchExpressions: description: matchExpressions @@ -5667,11 +7660,12 @@ objects: requirements. The requirements are ANDed. items: - description: A label selector + description: 'A label selector requirement is a selector that contains values, a key, - and an operator that relates - the key and values. + and an operator that + + relates the key and values.' properties: key: description: key is the @@ -5679,70 +7673,91 @@ objects: applies to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists and DoesNotExist. + description: 'operator represents + a key''s relationship + to a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: values is an - array of string values. + description: 'values is + an array of string values. If the operator is In - or NotIn, the values array - must be non-empty. If - the operator is Exists - or DoesNotExist, the values - array must be empty. This - array is replaced during - a strategic merge patch. + or NotIn, + + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + + the values array must + be empty. This array is + replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a + description: 'matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key - field is "key", the operator - is "In", and the values array - contains only "value". The requirements - are ANDed. + field is "key", the + + operator is "In", and the values + array contains only "value". + The requirements are ANDed.' type: object type: object + x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle + description: 'Select a single ClusterTrustBundle by object name. Mutually-exclusive - with signerName and labelSelector. + + with signerName and labelSelector.' type: string optional: - description: If true, don't block + description: 'If true, don''t block pod startup if the referenced ClusterTrustBundle(s) - aren't available. If using name, + + aren''t available. If using name, then the named ClusterTrustBundle - is allowed not to exist. If using + is + + allowed not to exist. If using signerName, then the combination - of signerName and labelSelector - is allowed to match zero ClusterTrustBundles. + of + + signerName and labelSelector is + allowed to match zero + + ClusterTrustBundles.' type: boolean path: description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles - that match this signer name. Mutually-exclusive - with name. The contents of all - selected ClusterTrustBundles will - be unified and deduplicated. + description: 'Select all ClusterTrustBundles + that match this signer name. + + Mutually-exclusive with name. The + contents of all selected + + ClusterTrustBundles will be unified + and deduplicated.' type: string required: - path @@ -5752,21 +7767,30 @@ objects: the configMap data to project properties: items: - description: items if unspecified, + description: 'items if unspecified, each key-value pair in the Data - field of the referenced ConfigMap - will be projected into the volume - as a file whose name is the key - and content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the ConfigMap, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + field of the referenced + + ConfigMap will be projected into + the volume as a file whose name + is the + + key and content is the value. If + specified, the listed keys will + be + + projected into the specified paths, + and unlisted keys will not be + + present. If a key is specified which + is not present in the ConfigMap, + + the volume setup will error unless + it is marked optional. Paths must + be + + relative and may not contain the + ''..'' path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -5778,39 +7802,62 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + on this file. + + Must be an octal value between + 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: - description: path is the relative + description: 'path is the relative path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + key to. + + May not be an absolute path. + + May not contain the path element + ''..''. + + May not start with the string + ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional specify whether @@ -5818,6 +7865,7 @@ objects: defined type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: description: downwardAPI information about the downwardAPI data to project @@ -5833,8 +7881,8 @@ objects: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace - are supported.' + labels, name, namespace and + uid are supported.' properties: apiVersion: description: Version of @@ -5850,22 +7898,31 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this file, must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + value + + between 0000 and 0777 or a + decimal value between 0 and + 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: @@ -5881,10 +7938,11 @@ objects: resourceFieldRef: description: 'Selects a resource of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' + limits and requests + + (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' properties: containerName: description: 'Container @@ -5908,31 +7966,41 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret data to project properties: items: - description: items if unspecified, + description: 'items if unspecified, each key-value pair in the Data - field of the referenced Secret will - be projected into the volume as - a file whose name is the key and - content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the Secret, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + field of the referenced + + Secret will be projected into the + volume as a file whose name is the + + key and content is the value. If + specified, the listed keys will + be + + projected into the specified paths, + and unlisted keys will not be + + present. If a key is specified which + is not present in the Secret, + + the volume setup will error unless + it is marked optional. Paths must + be + + relative and may not contain the + ''..'' path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -5944,39 +8012,62 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + on this file. + + Must be an octal value between + 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: - description: path is the relative + description: 'path is the relative path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + key to. + + May not be an absolute path. + + May not contain the path element + ''..''. + + May not start with the string + ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional field specify @@ -5984,76 +8075,98 @@ objects: be defined type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended + description: 'audience is the intended audience of the token. A recipient - of a token must identify itself - with an identifier specified in - the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the - apiserver. + of a token + + must identify itself with an identifier + specified in the audience of the + + token, and otherwise should reject + the token. The audience defaults + to the + + identifier of the apiserver.' type: string expirationSeconds: - description: expirationSeconds is + description: 'expirationSeconds is the requested duration of validity - of the service account token. As - the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. - The kubelet will start trying to - rotate the token if the token is - older than 80 percent of its time - to live or if the token is older - than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. + of the service + + account token. As the token approaches + expiration, the kubelet volume + + plugin will proactively rotate the + service account token. The kubelet + will + + start trying to rotate the token + if the token is older than 80 percent + of + + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour + + and must be at least 10 minutes.' format: int64 type: integer path: - description: path is the path relative + description: 'path is the path relative to the mount point of the file to - project the token into. + project the + + token into.' type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group + description: 'group to map volume access to + + Default is no group' type: string readOnly: - description: readOnly here will force the Quobyte + description: 'readOnly here will force the Quobyte volume to be mounted with read-only permissions. - Defaults to false. + + Defaults to false.' type: boolean registry: - description: registry represents a single or - multiple Quobyte Registry services specified - as a string as host:port pair (multiple entries - are separated with commas) which acts as the - central registry for volumes + description: 'registry represents a single or + multiple Quobyte Registry services + + specified as a string as host:port pair (multiple + entries are separated with commas) + + which acts as the central registry for volumes' type: string tenant: - description: tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volumes, value is set - by the plugin + description: 'tenant owning the given Quobyte + volume in the Backend + + Used with dynamically provisioned Quobyte + volumes, value is set by the plugin' type: string user: - description: user to map volume access to Defaults - to serivceaccount user + description: 'user to map volume access to + + Defaults to serivceaccount user' type: string volume: description: volume is a string that references @@ -6066,57 +8179,93 @@ objects: rbd: description: 'rbd represents a Rados Block Device mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd' type: string image: description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: + default: /etc/ceph/keyring description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. + for RBDUser. + + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + monitors. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: rbd + description: 'pool is the rados pool name. + + Default is rbd. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + setting in VolumeMounts. + + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + secret for RBDUser. If provided + + overrides keyring. + + Default is nil. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: admin + description: 'user is the rados user name. + + Default is admin. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image @@ -6127,10 +8276,16 @@ objects: volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". + default: xfs + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". + + Default is "xfs".' type: string gateway: description: gateway is the host address of @@ -6142,31 +8297,45 @@ objects: storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. + description: 'secretRef references to the secret + for ScaleIO user and other + + sensitive information. If this is not provided, + Login operation will fail.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic sslEnabled: description: sslEnabled Flag enable/disable SSL communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. + default: ThinProvisioned + description: 'storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. + + Default is ThinProvisioned.' type: string storagePool: description: storagePool is the ScaleIO Storage @@ -6177,9 +8346,10 @@ objects: system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that - is associated with this volume source. + description: 'volumeName is the name of a volume + already created in the ScaleIO system + + that is associated with this volume source.' type: string required: - gateway @@ -6188,34 +8358,54 @@ objects: type: object secret: description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + populate this volume. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: description: 'defaultMode is Optional: mode bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values + + for mode bits. Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. + description: 'items If unspecified, each key-value + pair in the Data field of the referenced + + Secret will be projected into the volume as + a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the Secret, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -6226,38 +8416,50 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: 'path is the relative path + of the file to map the key to. + + May not be an absolute path. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: description: 'secretName is the name of the - secret in the pod''s namespace to use. More - info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + secret in the pod''s namespace to use. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: @@ -6265,45 +8467,69 @@ objects: attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: secretRef specifies the secret - to use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. + description: 'secretRef specifies the secret + to use for obtaining the StorageOS API + + credentials. If not specified, default values + will be attempted.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. + description: 'volumeName is the human-readable + name of the StorageOS volume. Volume + + names are only unique within a namespace.' type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will - be used. This allows the Kubernetes name - scoping to be mirrored within StorageOS for - tighter integration. Set VolumeName to any - name to override the default behaviour. Set - to "default" if you are not using namespaces - within StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. + description: 'volumeNamespace specifies the + scope of the volume within StorageOS. If + no + + namespace is specified then the Pod''s namespace + will be used. This allows the + + Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. + + Set VolumeName to any name to override the + default behaviour. + + Set to "default" if you are not using namespaces + within StorageOS. + + Namespaces that do not pre-exist within StorageOS + will be created.' type: string type: object vsphereVolume: @@ -6311,11 +8537,13 @@ objects: volume attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. + description: 'fsType is filesystem type to mount. + Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string storagePolicyID: description: storagePolicyID is the storage @@ -6350,15 +8578,21 @@ objects: format: int64 type: integer successfulJobsHistoryLimit: - description: The number of successful finished jobs to retain. - Value must be non-negative integer. Defaults to 3. Only - applies to Cronjobs + description: 'The number of successful finished jobs to retain. + Value must be non-negative integer. + + Defaults to 3. + + Only applies to Cronjobs' format: int32 type: integer suspend: - description: This flag tells the controller to suspend subsequent - executions, it does not apply to already started executions. Defaults - to false. Only applies to Cronjobs + description: 'This flag tells the controller to suspend subsequent + executions, it does + + not apply to already started executions. Defaults to false. + + Only applies to Cronjobs' type: boolean required: - name @@ -6366,8 +8600,10 @@ objects: type: object type: array kafkaTopics: - description: A list of Kafka topics that will be created and made - available to all the pods listed in the ClowdApp. + description: 'A list of Kafka topics that will be created and made + available to all + + the pods listed in the ClowdApp.' items: description: KafkaTopicSpec defines the desired state of KafkaTopic properties: @@ -6402,16 +8638,18 @@ objects: type: object type: array objectStore: - description: A list of string names defining storage buckets. In - certain modes, defined by the ClowdEnvironment, Clowder will create - those buckets. + description: 'A list of string names defining storage buckets. In + certain modes, + + defined by the ClowdEnvironment, Clowder will create those buckets.' items: type: string type: array optionalDependencies: - description: A list of optional dependencies in the form of the - name of the ClowdApps that will be added to the configuration - when present. + description: 'A list of optional dependencies in the form of the + name of the ClowdApps that + + will be added to the configuration when present.' items: type: string type: array @@ -6435,38 +8673,50 @@ objects: resource operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one - status to another. This should be when the underlying condition - changed. If that is not known, then using the time when - the API field changed is acceptable. + description: 'Last time the condition transitioned from one + status to another. + + This should be when the underlying condition changed. If + that is not known, then using the time when + + the API field changed is acceptable.' format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: 'A human readable message indicating details + about the transition. + + This field may be empty.' type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not - this field is considered a guaranteed API. This field may - not be empty. + description: 'The reason for the condition''s last transition + in CamelCase. + + The specific API may choose whether or not this field is + considered a guaranteed API. + + This field may not be empty.' type: string severity: - description: Severity provides an explicit classification + description: 'Severity provides an explicit classification of Reason code, so the users or machines can immediately - understand the current situation and act accordingly. The - Severity field MUST be set only when Status=False. + + understand the current situation and act accordingly. + + The Severity field MUST be set only when Status=False.' type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. + description: 'Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict - is important. + like Available, but because arbitrary conditions + + can be useful (see .node.status.conditions), the ability + to deconflict is important.' type: string required: - lastTransitionTime @@ -6476,9 +8726,12 @@ objects: type: array deployments: description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file ClowdEnvironmentStatus defines the observed state of - ClowdEnvironment' + of cluster + + Important: Run "make" to regenerate code after modifying this + file + + ClowdEnvironmentStatus defines the observed state of ClowdEnvironment' properties: managedDeployments: format: int32 @@ -6500,18 +8753,11 @@ objects: storage: true subresources: status: {} - status: - acceptedNames: - kind: '' - plural: '' - conditions: [] - storedVersions: [] - apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdenvironments.cloud.redhat.com spec: group: cloud.redhat.com @@ -6544,14 +8790,27 @@ objects: properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint the - client submits requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + this object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -6562,8 +8821,10 @@ objects: description: Disabled turns off reconciliation for this ClowdEnv type: boolean providers: - description: A ProvidersConfig object, detailing the setup and configuration - of all the providers used in this ClowdEnvironment. + description: 'A ProvidersConfig object, detailing the setup and + configuration of all the + + providers used in this ClowdEnvironment.' properties: autoScaler: description: Defines the autoscaler configuration @@ -6581,19 +8842,25 @@ objects: Provider. properties: caBundleURL: - description: Indicates where Clowder will fetch the database - CA certificate bundle from. Currently only used in (*_app-interface_*) - mode. If none is specified, the AWS RDS combined CA bundle - is used. + description: 'Indicates where Clowder will fetch the database + CA certificate bundle from. Currently only used in + + (*_app-interface_*) mode. If none is specified, the AWS + RDS combined CA bundle is used.' pattern: ^https?:\/\/.+$ type: string mode: description: 'The mode of operation of the Clowder Database - Provider. Valid options are: (*_app-interface_*) where - the provider will pass through database credentials found - in the secret defined by the database name in the ClowdApp, - and (*_local_*) where the provider will spin up a local - instance of the database.' + Provider. Valid options are: + + (*_app-interface_*) where the provider will pass through + database credentials + + found in the secret defined by the database name in the + ClowdApp, and (*_local_*) + + where the provider will spin up a local instance of the + database.' enum: - shared - app-interface @@ -6601,9 +8868,11 @@ objects: - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to - use a PVC instead of emptyDir for its volumes. + description: 'If using the (*_local_*) mode and PVC is set + to true, this instructs the local + + Database instance to use a PVC instead of emptyDir for + its volumes.' type: boolean required: - mode @@ -6619,8 +8888,10 @@ objects: Provider. properties: credentialRef: - description: Defines the secret containing the client access - token, only used for (*_app-interface_*) mode. + description: 'Defines the secret containing the client access + token, only used for (*_app-interface_*) + + mode.' properties: name: description: Name defines the Name of a resource. @@ -6641,13 +8912,20 @@ objects: properties: unleash: type: string + unleashEdge: + type: string type: object mode: description: 'The mode of operation of the Clowder FeatureFlag - Provider. Valid options are: (*_app-interface_*) where - the provider will pass through credentials to the app - configuration, and (*_local_*) where a local Unleash instance - will be created.' + Provider. Valid options are: + + (*_app-interface_*) where the provider will pass through + credentials + + to the app configuration, and (*_local_*) where a local + Unleash instance will + + be created.' enum: - local - app-interface @@ -6658,19 +8936,30 @@ objects: format: int32 type: integer pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to - use a PVC instead of emptyDir for its volumes. + description: 'If using the (*_local_*) mode and PVC is set + to true, this instructs the local + + Database instance to use a PVC instead of emptyDir for + its volumes.' type: boolean type: object inMemoryDb: description: Defines the Configuration for the Clowder InMemoryDB Provider. properties: + image: + description: 'This image is only used in the (*_redis_*) + mode, as elsewhere it will try to + + inspect for a secret for a hostname and credentials.' + type: string mode: description: 'The mode of operation of the Clowder InMemory - Provider. Valid options are: (*_redis_*) where a local - Minio instance will be created, and (*_elasticache_*) + Provider. Valid options are: + + (*_redis_*) where a local Minio instance will be created, + and (*_elasticache_*) + which will search the namespace of the ClowdApp for a secret called ''elasticache''' enum: @@ -6680,9 +8969,11 @@ objects: - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to - use a PVC instead of emptyDir for its volumes. + description: 'If using the (*_local_*) mode and PVC is set + to true, this instructs the local + + Database instance to use a PVC instead of emptyDir for + its volumes.' type: boolean required: - mode @@ -6701,9 +8992,10 @@ objects: description: Config full options type: object deleteClaim: - description: Delete persistent volume claim if the Kafka - cluster is deleted Only applies when KafkaConfig.PVC - is set to 'true' + description: 'Delete persistent volume claim if the + Kafka cluster is deleted + + Only applies when KafkaConfig.PVC is set to ''true''' type: boolean forceTLS: description: Force TLS @@ -6721,13 +9013,16 @@ objects: description: -Xmx option to to the JVM. type: string gcLoggingEnabled: - description: Specifies whether the Garbage Collection - logging is enabled. The default is false. + description: 'Specifies whether the Garbage Collection + logging is enabled. The default is + + false.' type: boolean javaSystemProperties: - description: A map of additional system properties - which will be passed using the `-D` option to - the JVM. + description: 'A map of additional system properties + which will be passed using the `-D` + + option to the JVM.' items: properties: name: @@ -6756,6 +9051,17 @@ objects: resources: description: Resource Limits properties: + claims: + description: Claims corresponds to the JSON schema + field "claims". + items: + properties: + name: + description: Name corresponds to the JSON + schema field "name". + type: string + type: object + type: array limits: description: Limits corresponds to the JSON schema field "limits". @@ -6766,9 +9072,10 @@ objects: x-kubernetes-preserve-unknown-fields: true type: object storageSize: - description: Persistent volume storage size. If unset, - default is '1Gi' Only applies when KafkaConfig.PVC - is set to 'true' + description: 'Persistent volume storage size. If unset, + default is ''1Gi'' + + Only applies when KafkaConfig.PVC is set to ''true''' type: string version: description: Version. If unset, default is '2.5.0' @@ -6779,9 +9086,10 @@ objects: mode. type: string clusterName: - description: (Deprecated) Defines the cluster name to be - used by the Kafka Provider this will be used in some modes - to locate the Kafka instance. + description: '(Deprecated) Defines the cluster name to be + used by the Kafka Provider this will + + be used in some modes to locate the Kafka instance.' type: string connect: description: Defines options related to the Kafka Connect @@ -6809,6 +9117,17 @@ objects: resources: description: Resource Limits properties: + claims: + description: Claims corresponds to the JSON schema + field "claims". + items: + properties: + name: + description: Name corresponds to the JSON + schema field "name". + type: string + type: object + type: array limits: description: Limits corresponds to the JSON schema field "limits". @@ -6827,9 +9146,11 @@ objects: name that is used in this environment. type: string connectNamespace: - description: (Deprecated) The namespace that the Kafka Connect - cluster is expected to reside in. This is only used in - (*_app-interface_*) and (*_operator_*) modes. + description: '(Deprecated) The namespace that the Kafka + Connect cluster is expected to reside in. This is only + used + + in (*_app-interface_*) and (*_operator_*) modes.' type: string enableLegacyStrimzi: description: EnableLegacyStrimzi disables TLS + user auth @@ -6858,15 +9179,24 @@ objects: type: object mode: description: 'The mode of operation of the Clowder Kafka - Provider. Valid options are: (*_operator_*) which provisions - Strimzi resources and will configure KafkaTopic CRs and - place them in the Kafka cluster''s namespace described - in the configuration, (*_app-interface_*) which simply - passes the topic names through to the App''s cdappconfig.json - and expects app-interface to have created the relevant + Provider. Valid options are: + + (*_operator_*) which provisions Strimzi resources and + will configure + + KafkaTopic CRs and place them in the Kafka cluster''s + namespace described in the configuration, + + (*_app-interface_*) which simply passes the topic names + through to the App''s + + cdappconfig.json and expects app-interface to have created + the relevant + topics, and (*_local_*) where a small instance of Kafka - is created in the desired cluster namespace and configured - to auto-create topics.' + is created in the desired cluster namespace + + and configured to auto-create topics.' enum: - ephem-msk - managed @@ -6876,15 +9206,17 @@ objects: - none type: string namespace: - description: (Deprecated) The Namespace the cluster is expected - to reside in. This is only used in (*_app-interface_*) - and (*_operator_*) modes. + description: '(Deprecated) The Namespace the cluster is + expected to reside in. This is only used + + in (*_app-interface_*) and (*_operator_*) modes.' type: string pvc: - description: If using the (*_local_*) or (*_operator_*) + description: 'If using the (*_local_*) or (*_operator_*) mode and PVC is set to true, this sets the provisioned + Kafka instance to use a PVC instead of emptyDir for its - volumes. + volumes.' type: boolean suffix: description: (Deprecated) (Unused) @@ -6902,8 +9234,11 @@ objects: properties: mode: description: 'The mode of operation of the Clowder Logging - Provider. Valid options are: (*_app-interface_*) where - the provider will pass through cloudwatch credentials + Provider. Valid options are: + + (*_app-interface_*) where the provider will pass through + cloudwatch credentials + to the app configuration, and (*_none_*) where no logging will be configured.' enum: @@ -6919,19 +9254,21 @@ objects: Provider. properties: mode: - description: The mode of operation of the Metrics provider. - The allowed modes are (*_none_*), which disables metrics - service generation, or (*_operator_*) where services and - probes are generated. (*_app-interface_*) where services - and probes are generated for app-interface. + description: "The mode of operation of the Metrics provider.\ + \ The allowed modes are\n (*_none_*), which disables metrics\ + \ service generation, or\n(*_operator_*) where services\ + \ and probes are generated.\n(*_app-interface_*) where\ + \ services and probes are generated for app-interface." enum: - none - operator - app-interface type: string path: - description: A prefix path that pods will be instructed - to use when setting up their metrics server. + description: 'A prefix path that pods will be instructed + to use when setting up their + + metrics server.' type: string port: description: The port that metrics services inside ClowdApp @@ -6966,19 +9303,26 @@ objects: type: object mode: description: 'The mode of operation of the Clowder ObjectStore - Provider. Valid options are: (*_app-interface_*) where - the provider will pass through Amazon S3 credentials to - the app configuration, and (*_minio_*) where a local Minio - instance will be created.' + Provider. Valid options are: + + (*_app-interface_*) where the provider will pass through + Amazon S3 credentials + + to the app configuration, and (*_minio_*) where a local + Minio instance will + + be created.' enum: - minio - app-interface - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to - use a PVC instead of emptyDir for its volumes. + description: 'If using the (*_local_*) mode and PVC is set + to true, this instructs the local + + Database instance to use a PVC instead of emptyDir for + its volumes.' type: boolean suffix: description: Currently unused. @@ -7049,10 +9393,17 @@ objects: properties: configAccess: description: 'The mode of operation for access to outside - app configs. Valid options are: (*_none_*) -- no app config - is mounted to the pod (*_app_*) -- only the ClowdApp''s - config is mounted to the pod (*_environment_*) -- the - config for all apps in the env are mounted' + app configs. Valid + + options are: + + (*_none_*) -- no app config is mounted to the pod + + (*_app_*) -- only the ClowdApp''s config is mounted to + the pod + + (*_environment_*) -- the config for all apps in the env + are mounted' enum: - none - app @@ -7065,27 +9416,49 @@ objects: imageBase: type: string resources: - description: A pass-through of a resource requirements - in k8s ResourceRequirements format. If omitted, the - default resource requirements from the ClowdEnvironment - will be used. + description: 'A pass-through of a resource requirements + in k8s ResourceRequirements + + format. If omitted, the default resource requirements + from the + + ClowdEnvironment will be used.' properties: claims: - description: "Claims lists the names of resources,\ - \ defined in spec.resourceClaims, that are used\ - \ by this container. \n This is an alpha field\ - \ and requires enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable. It\ - \ can only be set for containers." + description: 'Claims lists the names of resources, + defined in spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for + containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the - Pod where this field is used. It makes that - resource available inside a container. + description: 'Name must match the name of + one entry in pod.spec.resourceClaims of + + the Pod where this field is used. It makes + that resource available + + inside a container.' + type: string + request: + description: 'Request is the name chosen for + a request in the referenced claim. + + If empty, everything from the claim is made + available, otherwise + + only the result of this request.' type: string required: - name @@ -7102,7 +9475,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7112,11 +9487,15 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. Requests cannot - exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources required. + + If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, + + otherwise to an implementation-defined value. + Requests cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object ui: @@ -7140,23 +9519,43 @@ objects: set on selenium containers properties: claims: - description: "Claims lists the names of\ - \ resources, defined in spec.resourceClaims,\ - \ that are used by this container. \n\ - \ This is an alpha field and requires\ - \ enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable.\ - \ It can only be set for containers." + description: 'Claims lists the names of + resources, defined in spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling + the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be + set for containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. + description: 'Name must match the + name of one entry in pod.spec.resourceClaims + of + + the Pod where this field is used. It makes that resource available - inside a container. + + inside a container.' + type: string + request: + description: 'Request is the name + chosen for a request in the referenced + claim. + + If empty, everything from the claim + is made available, otherwise + + only the result of this request.' type: string required: - name @@ -7173,8 +9572,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + amount of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7185,10 +9585,14 @@ objects: x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined + specified, + + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object @@ -7214,7 +9618,9 @@ objects: type: object k8sAccessLevel: description: 'The mode of operation of the testing Pod. - Valid options are: ''default'', ''view'' or ''edit''' + Valid options are: + + ''default'', ''view'' or ''edit''' enum: - default - view @@ -7234,8 +9640,10 @@ objects: format: int32 type: integer apiPrefix: - description: An api prefix path that pods will be instructed - to use when setting up their web server. + description: 'An api prefix path that pods will be instructed + to use when setting up + + their web server.' type: string bopURL: description: The URL of BOP - only used in (*_none_*/*_operator_*) @@ -7308,9 +9716,11 @@ objects: is used. type: string mode: - description: The mode of operation of the Web provider. - The allowed modes are (*_none_*/*_operator_*), and (*_local_*) - which deploys keycloak and BOP. + description: 'The mode of operation of the Web provider. + The allowed modes are + + (*_none_*/*_operator_*), and (*_local_*) which deploys + keycloak and BOP.' enum: - none - operator @@ -7349,23 +9759,44 @@ objects: - objectStore type: object resourceDefaults: - description: Defines the default resource requirements in standard - k8s format in the event that they omitted from a PodSpec inside - a ClowdApp. + description: 'Defines the default resource requirements in standard + k8s format in the + + event that they omitted from a PodSpec inside a ClowdApp.' properties: claims: - description: "Claims lists the names of resources, defined in\ - \ spec.resourceClaims, that are used by this container. \n\ - \ This is an alpha field and requires enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable. It can only be\ - \ set for containers." + description: 'Claims lists the names of resources, defined in + spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a container. + description: 'Name must match the name of one entry in + pod.spec.resourceClaims of + + the Pod where this field is used. It makes that resource + available + + inside a container.' + type: string + request: + description: 'Request is the name chosen for a request + in the referenced claim. + + If empty, everything from the claim is made available, + otherwise + + only the result of this request.' type: string required: - name @@ -7382,7 +9813,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7392,10 +9825,15 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + resources required. + + If Requests is omitted for a container, it defaults to Limits + if that is explicitly specified, + + otherwise to an implementation-defined value. Requests cannot + exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceConfig: @@ -7411,9 +9849,11 @@ objects: - type type: object targetNamespace: - description: TargetNamespace describes the namespace where any generated - environmental resources should end up, this is particularly important - in (*_local_*) mode. + description: 'TargetNamespace describes the namespace where any + generated environmental + + resources should end up, this is particularly important in (*_local_*) + mode.' type: string required: - providers @@ -7451,45 +9891,59 @@ objects: type: array conditions: description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file' + of cluster + + Important: Run "make" to regenerate code after modifying this + file' items: description: Condition defines an observation of a Cluster API resource operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one - status to another. This should be when the underlying condition - changed. If that is not known, then using the time when - the API field changed is acceptable. + description: 'Last time the condition transitioned from one + status to another. + + This should be when the underlying condition changed. If + that is not known, then using the time when + + the API field changed is acceptable.' format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: 'A human readable message indicating details + about the transition. + + This field may be empty.' type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not - this field is considered a guaranteed API. This field may - not be empty. + description: 'The reason for the condition''s last transition + in CamelCase. + + The specific API may choose whether or not this field is + considered a guaranteed API. + + This field may not be empty.' type: string severity: - description: Severity provides an explicit classification + description: 'Severity provides an explicit classification of Reason code, so the users or machines can immediately - understand the current situation and act accordingly. The - Severity field MUST be set only when Status=False. + + understand the current situation and act accordingly. + + The Severity field MUST be set only when Status=False.' type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. + description: 'Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict - is important. + like Available, but because arbitrary conditions + + can be useful (see .node.status.conditions), the ability + to deconflict is important.' type: string required: - lastTransitionTime @@ -7541,18 +9995,11 @@ objects: storage: true subresources: status: {} - status: - acceptedNames: - kind: '' - plural: '' - conditions: [] - storedVersions: [] - apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdjobinvocations.cloud.redhat.com spec: group: cloud.redhat.com @@ -7576,14 +10023,27 @@ objects: properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint the - client submits requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + this object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -7610,8 +10070,10 @@ objects: etc) in a CJI properties: iqe: - description: Iqe is the job spec to override defaults from the - ClowdApp's definition of the job + description: 'Iqe is the job spec to override defaults from + the ClowdApp''s + + definition of the job' properties: debug: description: Changes entrypoint to invoke 'iqe container-debug' @@ -7635,16 +10097,28 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". Escaped - references will never be expanded, regardless of - whether the variable exists or not. Defaults to - "".' + expanded + + using the previously defined environment variables + in the container and + + any service environment variables. If a variable + cannot be resolved, + + the reference in the input string will be unchanged. + Double $$ are reduced + + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + + Escaped references will never be expanded, regardless + of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -7657,10 +10131,18 @@ objects: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this type + with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -7669,12 +10151,14 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath @@ -7687,11 +10171,13 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + only resources limits and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -7712,6 +10198,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -7721,10 +10208,18 @@ objects: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this type + with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret or @@ -7733,6 +10228,7 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -7747,10 +10243,12 @@ objects: IQE_IBUTSU_SOURCE env var on the IQE container type: string imageTag: - description: Image tag to use for IQE container. By default, - Clowder will set the image tag to be baseImage:name-of-iqe-plugin, - where baseImage is defined in the ClowdEnvironment. Only - the tag can be overridden here. + description: 'Image tag to use for IQE container. By default, + Clowder will set the image tag to be + + baseImage:name-of-iqe-plugin, where baseImage is defined + in the ClowdEnvironment. Only the tag can be overridden + here.' type: string logLevel: description: (DEPRECATED, using 'env' now preferred) sets @@ -7777,10 +10275,12 @@ objects: IQE_PARALLEL_WORKER_COUNT env var on the IQE container type: string plugins: - description: A comma,separated,list indicating IQE plugin(s) + description: 'A comma,separated,list indicating IQE plugin(s) to run tests for. By default, Clowder will use the plugin - name given on the ClowdApp's spec.testing.iqePlugin field. - Use this field if you wish you override the plugin list. + name given on the ClowdApp''s + + spec.testing.iqePlugin field. Use this field if you wish + you override the plugin list.' type: string requirements: description: (DEPRECATED, using 'env' now preferred) sets @@ -7835,8 +10335,10 @@ objects: ClowdJobInvocation properties: completed: - description: Completed is false and updated when all jobs have either - finished successfully or failed past their backoff and retry values + description: 'Completed is false and updated when all jobs have + either finished + + successfully or failed past their backoff and retry values' type: boolean conditions: items: @@ -7844,38 +10346,50 @@ objects: resource operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one - status to another. This should be when the underlying condition - changed. If that is not known, then using the time when - the API field changed is acceptable. + description: 'Last time the condition transitioned from one + status to another. + + This should be when the underlying condition changed. If + that is not known, then using the time when + + the API field changed is acceptable.' format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: 'A human readable message indicating details + about the transition. + + This field may be empty.' type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not - this field is considered a guaranteed API. This field may - not be empty. + description: 'The reason for the condition''s last transition + in CamelCase. + + The specific API may choose whether or not this field is + considered a guaranteed API. + + This field may not be empty.' type: string severity: - description: Severity provides an explicit classification + description: 'Severity provides an explicit classification of Reason code, so the users or machines can immediately - understand the current situation and act accordingly. The - Severity field MUST be set only when Status=False. + + understand the current situation and act accordingly. + + The Severity field MUST be set only when Status=False.' type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. + description: 'Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict - is important. + like Available, but because arbitrary conditions + + can be useful (see .node.status.conditions), the ability + to deconflict is important.' type: string required: - lastTransitionTime @@ -7904,12 +10418,6 @@ objects: storage: true subresources: status: {} - status: - acceptedNames: - kind: '' - plural: '' - conditions: [] - storedVersions: [] - apiVersion: v1 kind: ServiceAccount metadata: @@ -8590,7 +11098,6 @@ objects: metadata: annotations: service.beta.openshift.io/inject-cabundle: 'true' - creationTimestamp: null name: clowder-mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -8618,7 +11125,6 @@ objects: metadata: annotations: service.beta.openshift.io/inject-cabundle: 'true' - creationTimestamp: null name: clowder-validating-webhook-configuration webhooks: - admissionReviewVersions: diff --git a/deploy.yml b/deploy.yml index 7cb8cd9d8..dd61e8f1e 100644 --- a/deploy.yml +++ b/deploy.yml @@ -13,8 +13,7 @@ objects: kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdapps.cloud.redhat.com spec: group: cloud.redhat.com @@ -47,14 +46,27 @@ objects: properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint the - client submits requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + this object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -62,14 +74,22 @@ objects: description: A ClowdApp specification. properties: cyndi: - description: Configures 'cyndi' database syndication for this app. - When the app's ClowdEnvironment has the kafka provider set to - (*_operator_*) mode, Clowder will configure a CyndiPipeline for - this app in the environment's kafka-connect namespace. When the - kafka provider is in (*_app-interface_*) mode, Clowder will check - to ensure that a CyndiPipeline resource exists for the application - in the environment's kafka-connect namespace. For all other kafka - provider modes, this configuration option has no effect. + description: 'Configures ''cyndi'' database syndication for this + app. When the app''s ClowdEnvironment has + + the kafka provider set to (*_operator_*) mode, Clowder will configure + a CyndiPipeline + + for this app in the environment''s kafka-connect namespace. When + the kafka provider is in + + (*_app-interface_*) mode, Clowder will check to ensure that a + CyndiPipeline resource exists + + for the application in the environment''s kafka-connect namespace. + For all other kafka + + provider modes, this configuration option has no effect.' properties: additionalFilters: description: AdditionalFilters @@ -95,9 +115,10 @@ objects: type: boolean type: object database: - description: The database specification defines a single database, - the configuration of which will be made available to all the pods - in the ClowdApp. + description: 'The database specification defines a single database, + the configuration + + of which will be made available to all the pods in the ClowdApp.' properties: dbResourceSize: description: T-shirt size, one of small, medium, large @@ -115,13 +136,19 @@ objects: type: string name: description: 'Defines the Name of the database used by this - app. This will be used as the name of the logical database - created by Clowder when the DB provider is in (*_local_*) - mode. In (*_app-interface_*) mode, the name here is used to - locate the DB secret as a fallback mechanism in cases where - there is no ''clowder/database: '' annotation set - on any secrets by looking for a secret with ''db.host'' starting - with ''-'' where env is usually ''stage'' or ''prod''' + app. This will be used as the + + name of the logical database created by Clowder when the DB + provider is in (*_local_*) mode. + + In (*_app-interface_*) mode, the name here is used to locate + the DB secret as a fallback mechanism + + in cases where there is no ''clowder/database: '' + annotation set on any secrets by looking + + for a secret with ''db.host'' starting with ''-'' + where env is usually ''stage'' or ''prod''' type: string sharedDbAppName: description: Defines the Name of the app to share a database @@ -140,18 +167,21 @@ objects: type: integer type: object dependencies: - description: A list of dependencies in the form of the name of the - ClowdApps that are required to be present for this ClowdApp to - function. + description: 'A list of dependencies in the form of the name of + the ClowdApps that are + + required to be present for this ClowdApp to function.' items: type: string type: array deployments: description: A list of deployments items: - description: Deployment defines a service running inside a ClowdApp - and will output a deployment resource. Only one container per - pod is allowed and this is defined in the PodSpec attribute. + description: 'Deployment defines a service running inside a ClowdApp + and will output a deployment resource. + + Only one container per pod is allowed and this is defined in + the PodSpec attribute.' properties: autoScaler: description: AutoScaler defines the configuration for the @@ -166,37 +196,46 @@ objects: horizontal scale config properties: behavior: - description: HorizontalPodAutoscalerBehavior configures - the scaling behavior of the target in both Up - and Down directions (scaleUp and scaleDown fields - respectively). + description: 'HorizontalPodAutoscalerBehavior + configures the scaling behavior of the target + + in both Up and Down directions (scaleUp and + scaleDown fields respectively).' properties: scaleDown: - description: scaleDown is scaling policy for - scaling Down. If not set, the default value - is to allow to scale down to minReplicas - pods, with a 300 second stabilization window - (i.e., the highest recommendation for the - last 300sec is used). + description: 'scaleDown is scaling policy + for scaling Down. + + If not set, the default value is to allow + to scale down to minReplicas pods, with + a + + 300 second stabilization window (i.e., the + highest recommendation for + + the last 300sec is used).' properties: policies: - description: policies is a list of potential + description: 'policies is a list of potential scaling polices which can be used during - scaling. At least one policy must be - specified, otherwise the HPAScalingRules - will be discarded as invalid + scaling. + + At least one policy must be specified, + otherwise the HPAScalingRules will be + discarded as invalid' items: description: HPAScalingPolicy is a single policy which must hold true for a specified past interval. properties: periodSeconds: - description: periodSeconds specifies + description: 'periodSeconds specifies the window of time for which the - policy should hold true. PeriodSeconds - must be greater than zero and - less than or equal to 1800 (30 - min). + policy should hold true. + + PeriodSeconds must be greater + than zero and less than or equal + to 1800 (30 min).' format: int32 type: integer type: @@ -204,10 +243,11 @@ objects: the scaling policy. type: string value: - description: value contains the + description: 'value contains the amount of change which is permitted - by the policy. It must be greater - than zero + by the policy. + + It must be greater than zero' format: int32 type: integer required: @@ -216,53 +256,65 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic selectPolicy: - description: selectPolicy is used to specify - which policy should be used. If not - set, the default value MaxPolicySelect - is used. + description: 'selectPolicy is used to + specify which policy should be used. + + If not set, the default value MaxPolicySelect + is used.' type: string stabilizationWindowSeconds: description: 'stabilizationWindowSeconds is the number of seconds for which past - recommendations should be considered - while scaling up or scaling down. StabilizationWindowSeconds - must be greater than or equal to zero - and less than or equal to 3600 (one - hour). If not set, use the default values: + recommendations should be + + considered while scaling up or scaling + down. + + StabilizationWindowSeconds must be greater + than or equal to zero and less than + or equal to 3600 (one hour). + + If not set, use the default values: + - For scale up: 0 (i.e. no stabilization - is done). - For scale down: 300 (i.e. - the stabilization window is 300 seconds - long).' + is done). + + - For scale down: 300 (i.e. the stabilization + window is 300 seconds long).' format: int32 type: integer type: object scaleUp: - description: 'scaleUp is scaling policy for - scaling Up. If not set, the default value - is the higher of: * increase no more than - 4 pods per 60 seconds * double the number - of pods per 60 seconds No stabilization - is used.' + description: "scaleUp is scaling policy for\ + \ scaling Up.\nIf not set, the default value\ + \ is the higher of:\n * increase no more\ + \ than 4 pods per 60 seconds\n * double\ + \ the number of pods per 60 seconds\nNo\ + \ stabilization is used." properties: policies: - description: policies is a list of potential + description: 'policies is a list of potential scaling polices which can be used during - scaling. At least one policy must be - specified, otherwise the HPAScalingRules - will be discarded as invalid + scaling. + + At least one policy must be specified, + otherwise the HPAScalingRules will be + discarded as invalid' items: description: HPAScalingPolicy is a single policy which must hold true for a specified past interval. properties: periodSeconds: - description: periodSeconds specifies + description: 'periodSeconds specifies the window of time for which the - policy should hold true. PeriodSeconds - must be greater than zero and - less than or equal to 1800 (30 - min). + policy should hold true. + + PeriodSeconds must be greater + than zero and less than or equal + to 1800 (30 min).' format: int32 type: integer type: @@ -270,10 +322,11 @@ objects: the scaling policy. type: string value: - description: value contains the + description: 'value contains the amount of change which is permitted - by the policy. It must be greater - than zero + by the policy. + + It must be greater than zero' format: int32 type: integer required: @@ -282,24 +335,33 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic selectPolicy: - description: selectPolicy is used to specify - which policy should be used. If not - set, the default value MaxPolicySelect - is used. + description: 'selectPolicy is used to + specify which policy should be used. + + If not set, the default value MaxPolicySelect + is used.' type: string stabilizationWindowSeconds: description: 'stabilizationWindowSeconds is the number of seconds for which past - recommendations should be considered - while scaling up or scaling down. StabilizationWindowSeconds - must be greater than or equal to zero - and less than or equal to 3600 (one - hour). If not set, use the default values: + recommendations should be + + considered while scaling up or scaling + down. + + StabilizationWindowSeconds must be greater + than or equal to zero and less than + or equal to 3600 (one hour). + + If not set, use the default values: + - For scale up: 0 (i.e. no stabilization - is done). - For scale down: 300 (i.e. - the stabilization window is 300 seconds - long).' + is done). + + - For scale down: 300 (i.e. the stabilization + window is 300 seconds long).' format: int32 type: integer type: object @@ -311,17 +373,19 @@ objects: type: boolean type: object cooldownPeriod: - description: CooldownPeriod is the interval (in seconds) + description: 'CooldownPeriod is the interval (in seconds) to wait after the last trigger reported active before + scaling the deployment down. Default is 5 minutes (300 - seconds). + seconds).' format: int32 type: integer externalHPA: - description: ExternalHPA allows replicas on deployments - to be controlled by another resource, but will not be - allowed to fall under the minReplicas as set in the - ClowdApp. + description: 'ExternalHPA allows replicas on deployments + to be controlled by another resource, but will + + not be allowed to fall under the minReplicas as set + in the ClowdApp.' type: boolean fallback: description: Fallback is the spec for fallback options @@ -337,9 +401,10 @@ objects: - replicas type: object maxReplicaCount: - description: MaxReplicaCount is the maximum number of - replicas the scaler will scale the deployment to. Default - is 10. + description: 'MaxReplicaCount is the maximum number of + replicas the scaler will scale the deployment to. + + Default is 10.' format: int32 type: integer minReplicaCount: @@ -348,8 +413,10 @@ objects: format: int32 type: integer pollingInterval: - description: PollingInterval is the interval (in seconds) - to check each trigger on. Default is 30 seconds. + description: 'PollingInterval is the interval (in seconds) + to check each trigger on. + + Default is 30 seconds.' format: int32 type: integer triggers: @@ -358,9 +425,11 @@ objects: will be used properties: authenticationRef: - description: ScaledObjectAuthRef points to the TriggerAuthentication - or ClusterTriggerAuthentication object that is - used to authenticate the scaler with the environment + description: 'ScaledObjectAuthRef points to the + TriggerAuthentication or ClusterTriggerAuthentication + object that + + is used to authenticate the scaler with the environment' properties: kind: description: Kind of the resource being referred @@ -376,9 +445,10 @@ objects: type: string type: object metricType: - description: MetricTargetType specifies the type + description: 'MetricTargetType specifies the type of metric being targeted, and should be either - "Value", "AverageValue", or "Utilization" + + "Value", "AverageValue", or "Utilization"' type: string name: type: string @@ -391,9 +461,11 @@ objects: type: array type: object autoScalerSimple: - description: SimpleAutoScaler defines a simple HPA with scaling - for RAM and CPU by value and utilization thresholds, along - with replica count limits + description: 'SimpleAutoScaler defines a simple HPA with scaling + for RAM and CPU by + + value and utilization thresholds, along with replica count + limits' properties: cpu: description: SimpleAutoScalerMetric defines a metric of @@ -433,15 +505,22 @@ objects: - replicas type: object deploymentStrategy: - description: DeploymentStrategy allows the deployment strategy - to be set only if the deployment has no public service enabled + description: 'DeploymentStrategy allows the deployment strategy + to be set only if the + + deployment has no public service enabled' properties: privateStrategy: - description: PrivateStrategy allows a deployment that - only uses a private port to set the deployment strategy - one of Recreate or Rolling, default for a private service - is Recreate. This is to enable a quicker roll out for - services that do not have public facing endpoints. + description: 'PrivateStrategy allows a deployment that + only uses a private port to set + + the deployment strategy one of Recreate or Rolling, + default for a + + private service is Recreate. This is to enable a quicker + roll out for + + services that do not have public facing endpoints.' type: string type: object k8sAccessLevel: @@ -461,17 +540,23 @@ objects: type: object type: object minReplicas: - description: 'Deprecated: Use Replicas instead If Replicas - is not set and MinReplicas is set, then MinReplicas will - be used' + description: 'Deprecated: Use Replicas instead + + If Replicas is not set and MinReplicas is set, then MinReplicas + will be used' format: int32 type: integer name: - description: Name defines the identifier of a Pod inside the - ClowdApp. This name will be used along side the name of - the ClowdApp itself to form a - pattern which - will be used for all other created resources and also for - some labels. It must be unique within a ClowdApp. + description: 'Name defines the identifier of a Pod inside + the ClowdApp. This name will + + be used along side the name of the ClowdApp itself to form + a - + + pattern which will be used for all other created resources + and also for + + some labels. It must be unique within a ClowdApp.' type: string podSpec: description: PodSpec defines a container running inside a @@ -501,16 +586,29 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". + expanded + + using the previously defined environment variables + in the container and + + any service environment variables. If a variable + cannot be resolved, + + the reference in the input string will be unchanged. + Double $$ are reduced + + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". + Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults - to "".' + of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -523,10 +621,18 @@ objects: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -535,12 +641,14 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath @@ -553,11 +661,13 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + only resources limits and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -579,6 +689,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -588,10 +699,18 @@ objects: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret @@ -600,6 +719,7 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -613,10 +733,13 @@ objects: description: A list of init containers used to perform at-startup operations. items: - description: InitContainer is a struct defining a k8s - init container. This will be deployed along with the - parent pod and is used to carry out one time initialization - procedures. + description: 'InitContainer is a struct defining a k8s + init container. This will be + + deployed along with the parent pod and is used to + carry out one time + + initialization procedures.' properties: args: description: A list of args to be passed to the @@ -643,17 +766,29 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and + are expanded + + using the previously defined environment + variables in the container and + any service environment variables. If a - variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Defaults to "".' + "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -666,10 +801,20 @@ objects: description: The key to select. type: string name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -678,10 +823,12 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' properties: @@ -697,12 +844,14 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: only resources limits and - requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -725,6 +874,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -735,10 +885,20 @@ objects: secret key. type: string name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret @@ -747,19 +907,23 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array image: - description: Image refers to the container image - used to create the init container (if different - from the primary pod image). + description: 'Image refers to the container image + used to create the init container + + (if different from the primary pod image).' type: string inheritEnv: - description: If true, inheirts the environment variables - from the parent pod. specification + description: 'If true, inheirts the environment + variables from the parent pod. + + specification' type: boolean name: description: Name gives an identifier in the situation @@ -773,37 +937,51 @@ objects: properties: postStart: description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according - to its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + a container is created. If the handler fails, + + the container is terminated and restarted according + to its restart policy. + + Other management of the container blocks until the + hook completes. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. + description: 'Command is the command line + to execute inside the container, the working + directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, + it is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To + use + + a shell, you need to explicitly call out + to that shell. + Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults + description: 'Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the @@ -813,10 +991,11 @@ objects: header to be used in HTTP probes properties: name: - description: The header field name. + description: 'The header field name. + This will be canonicalized upon output, so case-variant names will be understood - as the same header. + as the same header.' type: string value: description: The header field value @@ -826,6 +1005,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -833,14 +1013,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Name or number of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port @@ -858,11 +1042,14 @@ objects: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: 'Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept + + for the backward compatibility. There are no + validation of this field and + + lifecycle hooks will fail in runtime when tcp + handler is specified.' properties: host: description: 'Optional: Host name to connect @@ -872,10 +1059,12 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Number or name of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -883,45 +1072,65 @@ objects: type: object preStop: description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. The - handler is not called if the container crashes or - exits. The Pod''s termination grace period countdown - begins before the PreStop hook is executed. Regardless - of the outcome of the handler, the container will - eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other - management of the container blocks until the hook - completes or until the termination grace period - is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + a container is terminated due to an + + API request or management event such as liveness/startup + probe failure, + + preemption, resource contention, etc. The handler + is not called if the + + container crashes or exits. The Pod''s termination + grace period countdown begins before the + + PreStop hook is executed. Regardless of the outcome + of the handler, the + + container will eventually terminate within the Pod''s + termination grace + + period (unless delayed by finalizers). Other management + of the container blocks until the hook completes + + or until the termination grace period is reached. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. + description: 'Command is the command line + to execute inside the container, the working + directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, + it is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To + use + + a shell, you need to explicitly call out + to that shell. + Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults + description: 'Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the @@ -931,10 +1140,11 @@ objects: header to be used in HTTP probes properties: name: - description: The header field name. + description: 'The header field name. + This will be canonicalized upon output, so case-variant names will be understood - as the same header. + as the same header.' type: string value: description: The header field value @@ -944,6 +1154,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -951,14 +1162,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Name or number of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port @@ -976,11 +1191,14 @@ objects: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: 'Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept + + for the backward compatibility. There are no + validation of this field and + + lifecycle hooks will fail in runtime when tcp + handler is specified.' properties: host: description: 'Optional: Host name to connect @@ -990,10 +1208,12 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Number or name of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -1001,32 +1221,47 @@ objects: type: object type: object livenessProbe: - description: A pass-through of a Liveness Probe specification - in standard k8s format. If omitted, a standard probe - will be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: 'A pass-through of a Liveness Probe specification + in standard k8s format. + + If omitted, a standard probe will be setup point to + the webPort defined + + in the ClowdEnvironment and a path of /healthz. Ignored + if Web is set to + + false.' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute + description: 'Command is the command line to execute inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, it + is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To use + + a shell, you need to explicitly call out to + that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the + description: 'Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -1039,11 +1274,15 @@ objects: format: int32 type: integer service: - description: "Service is the name of the service\ - \ to place in the gRPC HealthCheckRequest (see\ - \ https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\ - \ \n If this is not specified, the default behavior\ - \ is defined by gRPC." + default: '' + description: 'Service is the name of the service + to place in the gRPC HealthCheckRequest + + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior + is defined by gRPC.' type: string required: - port @@ -1053,9 +1292,10 @@ objects: perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: 'Host name to connect to, defaults + to the pod IP. You probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the request. @@ -1065,10 +1305,11 @@ objects: to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: 'The header field name. + + This will be canonicalized upon output, + so case-variant names will be understood + as the same header.' type: string value: description: The header field value @@ -1078,6 +1319,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1085,13 +1327,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Name or number of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: 'Scheme to use for connecting to + the host. + + Defaults to HTTP.' type: string required: - port @@ -1099,19 +1346,23 @@ objects: initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to perform the + probe. + + Default to 10 seconds. Minimum value is 1.' format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the + description: 'Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. + Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -1126,35 +1377,53 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Number or name of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod + description: 'Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by the pod spec. + + Value must be non-negative integer. The value zero + indicates stop immediately via + + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + times out. + + Defaults to 1 second. Minimum value is 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -1172,32 +1441,47 @@ objects: type: object type: object readinessProbe: - description: A pass-through of a Readiness Probe specification - in standard k8s format. If omitted, a standard probe - will be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: 'A pass-through of a Readiness Probe specification + in standard k8s format. + + If omitted, a standard probe will be setup point to + the webPort defined + + in the ClowdEnvironment and a path of /healthz. Ignored + if Web is set to + + false.' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute + description: 'Command is the command line to execute inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, it + is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To use + + a shell, you need to explicitly call out to + that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the + description: 'Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -1210,11 +1494,15 @@ objects: format: int32 type: integer service: - description: "Service is the name of the service\ - \ to place in the gRPC HealthCheckRequest (see\ - \ https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\ - \ \n If this is not specified, the default behavior\ - \ is defined by gRPC." + default: '' + description: 'Service is the name of the service + to place in the gRPC HealthCheckRequest + + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior + is defined by gRPC.' type: string required: - port @@ -1224,9 +1512,10 @@ objects: perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: 'Host name to connect to, defaults + to the pod IP. You probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the request. @@ -1236,10 +1525,11 @@ objects: to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: 'The header field name. + + This will be canonicalized upon output, + so case-variant names will be understood + as the same header.' type: string value: description: The header field value @@ -1249,6 +1539,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1256,13 +1547,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Name or number of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: 'Scheme to use for connecting to + the host. + + Defaults to HTTP.' type: string required: - port @@ -1270,19 +1566,23 @@ objects: initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to perform the + probe. + + Default to 10 seconds. Minimum value is 1.' format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the + description: 'Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. + Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -1297,60 +1597,100 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Number or name of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod + description: 'Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by the pod spec. + + Value must be non-negative integer. The value zero + indicates stop immediately via + + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + times out. + + Defaults to 1 second. Minimum value is 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object resources: - description: A pass-through of a resource requirements - in k8s ResourceRequirements format. If omitted, the - default resource requirements from the ClowdEnvironment - will be used. + description: 'A pass-through of a resource requirements + in k8s ResourceRequirements + + format. If omitted, the default resource requirements + from the + + ClowdEnvironment will be used.' properties: claims: - description: "Claims lists the names of resources,\ - \ defined in spec.resourceClaims, that are used\ - \ by this container. \n This is an alpha field and\ - \ requires enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable. It can\ - \ only be set for containers." + description: 'Claims lists the names of resources, + defined in spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for + containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. + description: 'Name must match the name of one + entry in pod.spec.resourceClaims of + + the Pod where this field is used. It makes + that resource available + + inside a container.' + type: string + request: + description: 'Request is the name chosen for + a request in the referenced claim. + + If empty, everything from the claim is made + available, otherwise + + only the result of this request.' type: string required: - name @@ -1367,7 +1707,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1377,11 +1719,15 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources required. + + If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, + + otherwise to an implementation-defined value. Requests + cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sidecars: @@ -1403,8 +1749,10 @@ objects: type: object type: array terminationGracePeriodSeconds: - description: A pass-through of TerminationGracePeriodSeconds - specification in standard k8s format default is 30 seconds + description: 'A pass-through of TerminationGracePeriodSeconds + specification in standard k8s format + + default is 30 seconds' format: int64 type: integer volumeMounts: @@ -1415,36 +1763,90 @@ objects: within a container. properties: mountPath: - description: Path within the container at which - the volume should be mounted. Must not contain - ':'. + description: 'Path within the container at which + the volume should be mounted. Must + + not contain '':''.' type: string mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + description: 'mountPropagation determines how mounts + are propagated from the host + + to container and the other way around. + + When not set, MountPropagationNone is used. + + This field is beta in 1.10. + + When RecursiveReadOnly is set to IfPossible or + to Enabled, MountPropagation must be None or unspecified + + (which defaults to None).' type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. + description: 'Mounted read-only if true, read-write + otherwise (false or unspecified). + + Defaults to false.' type: boolean + recursiveReadOnly: + description: 'RecursiveReadOnly specifies whether + read-only mounts should be handled + + recursively. + + + If ReadOnly is false, this field has no meaning + and must be unspecified. + + + If ReadOnly is true, and this field is set to + Disabled, the mount is not made + + recursively read-only. If this field is set to + IfPossible, the mount is made + + recursively read-only, if it is supported by the + container runtime. If this + + field is set to Enabled, the mount is made recursively + read-only if it is + + supported by the container runtime, otherwise + the pod will not be started and + + an error will be generated to indicate the reason. + + + If this field is set to IfPossible or Enabled, + MountPropagation must be set to + + None (or be unspecified, which defaults to None). + + + If this field is not specified, it is treated + as an equivalent of Disabled.' + type: string subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults - to "" (volume's root). + description: 'Path within the volume from which + the container''s volume should be mounted. + + Defaults to "" (volume''s root).' type: string subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. + description: 'Expanded path within the volume from + which the container''s volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the - container's environment. Defaults to "" (volume's - root). SubPathExpr and SubPath are mutually exclusive. + container''s environment. + + Defaults to "" (volume''s root). + + SubPathExpr and SubPath are mutually exclusive.' type: string required: - mountPath @@ -1460,38 +1862,49 @@ objects: properties: awsElasticBlockStore: description: 'awsElasticBlockStore represents an - AWS Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + AWS Disk resource that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string partition: description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' + the volume that you want to mount. + + If omitted, the default is to mount by volume + name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: description: 'readOnly value true will force - the readOnly setting in VolumeMounts. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + the readOnly setting in VolumeMounts. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: description: 'volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: @@ -1514,11 +1927,14 @@ objects: in the blob storage type: string fsType: - description: fsType is Filesystem type to mount. + default: ext4 + description: 'fsType is Filesystem type to mount. + Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string kind: description: 'kind expected values are Shared: @@ -1528,9 +1944,11 @@ objects: set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + default: false + description: 'readOnly Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean required: - diskName @@ -1542,9 +1960,10 @@ objects: pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretName: description: secretName is the name of secret @@ -1564,11 +1983,13 @@ objects: properties: monitors: description: 'monitors is Required: Monitors - is a collection of Ceph monitors More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + is a collection of Ceph monitors + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, @@ -1577,30 +1998,47 @@ objects: readOnly: description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts. + force + + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: description: 'secretFile is Optional: SecretFile is the path to key ring for User, default - is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + is /etc/ceph/user.secret + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: description: 'secretRef is Optional: SecretRef is reference to the authentication secret - for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + for User, default is empty. + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic user: description: 'user is optional: User is the - rados user name, default is admin More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + rados user name, default is admin + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors @@ -1608,35 +2046,57 @@ objects: cinder: description: 'cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + to mount. + + Must be a filesystem type supported by the + host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + ReadOnly here will force + + the ReadOnly setting in VolumeMounts. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: description: 'secretRef is optional: points to a secret object containing parameters used - to connect to OpenStack.' + to connect + + to OpenStack.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic volumeID: description: 'volumeID used to identify the - volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + volume in cinder. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID @@ -1648,29 +2108,47 @@ objects: defaultMode: description: 'defaultMode is optional: mode bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, the - volume setup will error unless it is marked - optional. Paths must be relative and may not - contain the '..' path or start with '..'. + description: 'items if unspecified, each key-value + pair in the Data field of the referenced + + ConfigMap will be projected into the volume + as a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the ConfigMap, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -1681,87 +2159,129 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: 'path is the relative path + of the file to map the key to. + + May not be an absolute path. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but due + to backwards compatibility is + + allowed to be empty. Instances of this type + with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object + x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. + description: 'driver is the name of the CSI + driver that handles this volume. + + Consult with your admin for the correct name + as registered in the cluster.' type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which - will determine the default filesystem to apply. + description: 'fsType to mount. Ex. "ext4", "xfs", + "ntfs". + + If not provided, the empty value is passed + to the associated CSI driver + + which will determine the default filesystem + to apply.' type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive - information to pass to the CSI driver to complete - the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may be - empty if no secret is required. If the secret - object contains more than one secret, all - secret references are passed. + description: 'nodePublishSecretRef is a reference + to the secret object containing + + sensitive information to pass to the CSI driver + to complete the CSI + + NodePublishVolume and NodeUnpublishVolume + calls. + + This field is optional, and may be empty + if no secret is required. If the + + secret object contains more than one secret, + all secret references are passed.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only - configuration for the volume. Defaults to - false (read/write). + description: 'readOnly specifies a read-only + configuration for the volume. + + Defaults to false (read/write).' type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. + description: 'volumeAttributes stores driver-specific + properties that are passed to the CSI + + driver. Consult your driver''s documentation + for supported values.' type: object required: - driver @@ -1772,17 +2292,27 @@ objects: properties: defaultMode: description: 'Optional: mode bits to use on - created files by default. Must be a Optional: - mode bits used to set permissions on created - files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + created files by default. Must be a + + Optional: mode bits used to set permissions + on created files by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: @@ -1796,7 +2326,7 @@ objects: fieldRef: description: 'Required: Selects a field of the pod: only annotations, labels, - name and namespace are supported.' + name, namespace and uid are supported.' properties: apiVersion: description: Version of the schema @@ -1810,19 +2340,27 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this file, must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. + be an octal value + + between 0000 and 0777 or a decimal value + between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values - for mode bits. If not specified, the - volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set.' + for mode bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: @@ -1836,9 +2374,10 @@ objects: resourceFieldRef: description: 'Selects a resource of the container: only resources limits and - requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) are - currently supported.' + requests + + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' properties: containerName: description: 'Container name: required @@ -1860,21 +2399,29 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + that shares a pod''s lifetime. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: description: 'medium represents what type of storage medium should back this directory. + The default is "" which means to use the node''s - default medium. Must be an empty string (default) - or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + default medium. + + Must be an empty string (default) or Memory. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: @@ -1882,114 +2429,173 @@ objects: - type: string description: 'sizeLimit is the total amount of local storage required for this EmptyDir - volume. The size limit is also applicable - for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value - between the SizeLimit specified here and the - sum of memory limits of all containers in - a pod. The default is nil which means that - the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + volume. + + The size limit is also applicable for memory + medium. + + The maximum usage on memory medium EmptyDir + would be the minimum value between + + the SizeLimit specified here and the sum of + memory limits of all containers in a pod. + + The default is nil which means that the limit + is undefined. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: description: "ephemeral represents a volume that\ - \ is handled by a cluster storage driver. The\ + \ is handled by a cluster storage driver.\nThe\ \ volume's lifecycle is tied to the pod that defines\ - \ it - it will be created before the pod starts,\ - \ and deleted when the pod is removed. \n Use\ - \ this if: a) the volume is only needed while\ - \ the pod runs, b) features of normal volumes\ - \ like restoring from snapshot or capacity tracking\ - \ are needed, c) the storage driver is specified\ - \ through a storage class, and d) the storage\ + \ it - it will be created before the pod starts,\n\ + and deleted when the pod is removed.\n\nUse this\ + \ if:\na) the volume is only needed while the\ + \ pod runs,\nb) features of normal volumes like\ + \ restoring from snapshot or capacity\n tracking\ + \ are needed,\nc) the storage driver is specified\ + \ through a storage class, and\nd) the storage\ \ driver supports dynamic volume provisioning\ - \ through a PersistentVolumeClaim (see EphemeralVolumeSource\ - \ for more information on the connection between\ - \ this volume type and PersistentVolumeClaim).\ - \ \n Use PersistentVolumeClaim or one of the vendor-specific\ - \ APIs for volumes that persist for longer than\ - \ the lifecycle of an individual pod. \n Use CSI\ - \ for light-weight local ephemeral volumes if\ - \ the CSI driver is meant to be used that way\ - \ - see the documentation of the driver for more\ - \ information. \n A pod can use both types of\ - \ ephemeral volumes and persistent volumes at\ - \ the same time." + \ through\n a PersistentVolumeClaim (see EphemeralVolumeSource\ + \ for more\n information on the connection between\ + \ this volume type\n and PersistentVolumeClaim).\n\ + \nUse PersistentVolumeClaim or one of the vendor-specific\n\ + APIs for volumes that persist for longer than\ + \ the lifecycle\nof an individual pod.\n\nUse\ + \ CSI for light-weight local ephemeral volumes\ + \ if the CSI driver is meant to\nbe used that\ + \ way - see the documentation of the driver for\n\ + more information.\n\nA pod can use both types\ + \ of ephemeral volumes and\npersistent volumes\ + \ at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone\ - \ PVC to provision the volume. The pod in\ - \ which this EphemeralVolumeSource is embedded\ - \ will be the owner of the PVC, i.e. the PVC\ - \ will be deleted together with the pod. \ - \ The name of the PVC will be `-` where `` is the name\ - \ from the `PodSpec.Volumes` array entry.\ - \ Pod validation will reject the pod if the\ - \ concatenated name is not valid for a PVC\ - \ (for example, too long). \n An existing\ - \ PVC with that name that is not owned by\ - \ the pod will *not* be used for the pod to\ - \ avoid using an unrelated volume by mistake.\ - \ Starting the pod is then blocked until the\ - \ unrelated PVC is removed. If such a pre-created\ - \ PVC is meant to be used by the pod, the\ - \ PVC has to updated with an owner reference\ - \ to the pod once the pod exists. Normally\ - \ this should not be necessary, but it may\ - \ be useful when manually reconstructing a\ - \ broken cluster. \n This field is read-only\ - \ and no changes will be made by Kubernetes\ - \ to the PVC after it has been created. \n\ - \ Required, must not be nil." + description: 'Will be used to create a stand-alone + PVC to provision the volume. + + The pod in which this EphemeralVolumeSource + is embedded will be the + + owner of the PVC, i.e. the PVC will be deleted + together with the + + pod. The name of the PVC will be `-` where + + `` is the name from the `PodSpec.Volumes` + array + + entry. Pod validation will reject the pod + if the concatenated name + + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not + owned by the pod + + will *not* be used for the pod to avoid using + an unrelated + + volume by mistake. Starting the pod is then + blocked until + + the unrelated PVC is removed. If such a pre-created + PVC is + + meant to be used by the pod, the PVC has to + updated with an + + owner reference to the pod once the pod exists. + Normally + + this should not be necessary, but it may be + useful when + + manually reconstructing a broken cluster. + + + This field is read-only and no changes will + be made by Kubernetes + + to the PVC after it has been created. + + + Required, must not be nil.' properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when - creating it. No other fields are allowed - and will be rejected during validation. + description: 'May contain labels and annotations + that will be copied into the PVC + + when creating it. No other fields are + allowed and will be rejected during + + validation.' type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged - into the PVC that gets created from this + description: 'The specification for the + PersistentVolumeClaim. The entire content + is + + copied unchanged into the PVC that gets + created from this + template. The same fields as in a PersistentVolumeClaim - are also valid here. + + are also valid here.' properties: accessModes: description: 'accessModes contains the desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + have. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + used to specify either: + + * An existing VolumeSnapshot object + (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified - data source, it will create a new - volume based on the contents of the - specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource - contents will be copied to dataSourceRef, + data source, + + it will create a new volume based + on the contents of the specified data + source. + + When the AnyVolumeDataSource feature + gate is enabled, dataSource contents + will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace - is specified, then dataSourceRef will - not be copied to dataSource.' + is not specified. + + If the namespace is specified, then + dataSourceRef will not be copied to + dataSource.' properties: apiGroup: - description: APIGroup is the group + description: 'APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + the core API group. + + For any other third-party types, + APIGroup is required.' type: string kind: description: Kind is the type of @@ -2003,58 +2609,62 @@ objects: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate - the volume with data, if a non-empty - volume is desired. This may be any - object from a non-empty API group - (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if - the type of the specified object matches - some installed volume populator or - dynamic provisioner. This field will - replace the functionality of the dataSource - field and as such if both fields are - non-empty, they must have the same - value. For backwards compatibility, - when namespace isn''t specified in - dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to - the same value automatically if one - of them is empty and the other is - non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be - empty. There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two - specific types of objects, dataSourceRef - allows any non-core object, as well - as PersistentVolumeClaim objects. - * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is - specified. * While dataSource only - allows local objects, dataSourceRef - allows objects in any namespaces. - (Beta) Using this field requires the - AnyVolumeDataSource feature gate to - be enabled. (Alpha) Using the namespace - field of dataSourceRef requires the - CrossNamespaceVolumeDataSource feature - gate to be enabled.' + description: "dataSourceRef specifies\ + \ the object from which to populate\ + \ the volume with data, if a non-empty\n\ + volume is desired. This may be any\ + \ object from a non-empty API group\ + \ (non\ncore object) or a PersistentVolumeClaim\ + \ object.\nWhen this field is specified,\ + \ volume binding will only succeed\ + \ if the type of\nthe specified object\ + \ matches some installed volume populator\ + \ or dynamic\nprovisioner.\nThis field\ + \ will replace the functionality of\ + \ the dataSource field and as such\n\ + if both fields are non-empty, they\ + \ must have the same value. For backwards\n\ + compatibility, when namespace isn't\ + \ specified in dataSourceRef,\nboth\ + \ fields (dataSource and dataSourceRef)\ + \ will be set to the same\nvalue automatically\ + \ if one of them is empty and the\ + \ other is non-empty.\nWhen namespace\ + \ is specified in dataSourceRef,\n\ + dataSource isn't set to the same value\ + \ and must be empty.\nThere are three\ + \ important differences between dataSource\ + \ and dataSourceRef:\n* While dataSource\ + \ only allows two specific types of\ + \ objects, dataSourceRef\n allows\ + \ any non-core object, as well as\ + \ PersistentVolumeClaim objects.\n\ + * While dataSource ignores disallowed\ + \ values (dropping them), dataSourceRef\n\ + \ preserves all values, and generates\ + \ an error if a disallowed value is\n\ + \ specified.\n* While dataSource\ + \ only allows local objects, dataSourceRef\ + \ allows objects\n in any namespaces.\n\ + (Beta) Using this field requires the\ + \ AnyVolumeDataSource feature gate\ + \ to be enabled.\n(Alpha) Using the\ + \ namespace field of dataSourceRef\ + \ requires the CrossNamespaceVolumeDataSource\ + \ feature gate to be enabled." properties: apiGroup: - description: APIGroup is the group + description: 'APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + the core API group. + + For any other third-party types, + APIGroup is required.' type: string kind: description: Kind is the type of @@ -2065,17 +2675,20 @@ objects: resource being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant + description: 'Namespace is the namespace + of resource being referenced + + Note that when a namespace is + specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent - namespace to allow that namespace's + namespace to allow that namespace''s owner to accept the reference. See the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. + for details. + + (Alpha) This field requires the + CrossNamespaceVolumeDataSource + feature gate to be enabled.' type: string required: - kind @@ -2084,13 +2697,19 @@ objects: resources: description: 'resources represents the minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but - must still be higher than capacity - recorded in the status field of the - claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + have. + + If RecoverVolumeExpansionFailure feature + is enabled users are allowed to specify + resource requirements + + that are lower than previous value + but must still be higher than capacity + recorded in the + + status field of the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -2101,7 +2720,9 @@ objects: x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -2112,12 +2733,16 @@ objects: x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute - resources required. If Requests - is omitted for a container, it - defaults to Limits if that is - explicitly specified, otherwise - to an implementation-defined value. - Requests cannot exceed Limits. + resources required. + + If Requests is omitted for a container, + it defaults to Limits if that + is explicitly specified, + + otherwise to an implementation-defined + value. Requests cannot exceed + Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object @@ -2130,11 +2755,12 @@ objects: a list of label selector requirements. The requirements are ANDed. items: - description: A label selector + description: 'A label selector requirement is a selector that contains values, a key, and - an operator that relates the - key and values. + an operator that + + relates the key and values.' properties: key: description: key is the label @@ -2142,83 +2768,112 @@ objects: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: 'operator represents + a key''s relationship to + a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: values is an + description: 'values is an array of string values. If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, + NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + the values array must be empty. This array is replaced - during a strategic merge - patch. + during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map + description: 'matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + field is "key", the + + operator is "In", and the values + array contains only "value". The + requirements are ANDed.' type: object type: object + x-kubernetes-map-type: atomic storageClassName: description: 'storageClassName is the name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + by the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass - used by this claim. If specified, - the CSI driver will create or update - the volume with the attributes defined + used by this claim. + + If specified, the CSI driver will + create or update the volume with the + attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than - storageClassName, it can be changed - after the claim is created. An empty - string value means that no VolumeAttributesClass + storageClassName, + + it can be changed after the claim + is created. An empty string value + means that no VolumeAttributesClass + will be applied to the claim but it''s not allowed to reset this field to - empty string once it is set. If unspecified - and the PersistentVolumeClaim is unbound, - the default VolumeAttributesClass + empty string once it is set. + + If unspecified and the PersistentVolumeClaim + is unbound, the default VolumeAttributesClass + will be set by the persistentvolume - controller if it exists. If the resource - referred to by volumeAttributesClass + controller if it exists. + + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim - will be set to a Pending state, as - reflected by the modifyVolumeStatus - field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires - the VolumeAttributesClass feature - gate to be enabled.' + will be + + set to a Pending state, as reflected + by the modifyVolumeStatus field, until + such as a resource + + exists. + + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + + (Beta) Using this field requires the + VolumeAttributesClass feature gate + to be enabled (off by default).' type: string volumeMode: - description: volumeMode defines what + description: 'volumeMode defines what type of volume is required by the - claim. Value of Filesystem is implied - when not included in claim spec. + claim. + + Value of Filesystem is implied when + not included in claim spec.' type: string volumeName: description: volumeName is the binding @@ -2237,11 +2892,13 @@ objects: properties: fsType: description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string lun: description: 'lun is Optional: FC target lun @@ -2251,7 +2908,9 @@ objects: readOnly: description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + force + + the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target @@ -2259,30 +2918,37 @@ objects: items: type: string type: array + x-kubernetes-list-type: atomic wwids: description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not - both simultaneously.' + wide identifiers (wwids) + + Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an - exec based plugin. + description: 'flexVolume represents a generic volume + resource that is + + provisioned/attached using an exec based plugin.' properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends - on FlexVolume script. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script.' type: string options: additionalProperties: @@ -2293,24 +2959,41 @@ objects: readOnly: description: 'readOnly is Optional: defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: description: 'secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' + scripts. This may be + + empty if no secret object is specified. If + the secret object + + contains more than one secret, all secrets + are passed to the plugin + + scripts.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -2320,9 +3003,11 @@ objects: on the Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset + description: 'datasetName is Name of the dataset stored as metadata -> name on the dataset - for Flocker should be considered as deprecated + for Flocker + + should be considered as deprecated' type: string datasetUUID: description: datasetUUID is the UUID of the @@ -2332,38 +3017,54 @@ objects: type: object gcePersistentDisk: description: 'gcePersistentDisk represents a GCE - Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + Disk resource that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' + volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string partition: description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + the volume that you want to mount. + + If omitted, the default is to mount by volume + name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty). + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: description: 'pdName is unique name of the PD resource in GCE. Used to identify the disk - in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + in GCE. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + setting in VolumeMounts. + + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: @@ -2371,19 +3072,29 @@ objects: type: object gitRepo: description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated. To provision a container with a - git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the - EmptyDir into the Pod''s container.' + at a particular revision. + + DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an + + EmptyDir into an InitContainer that clones the + repo using git, then mount the EmptyDir + + into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will - be the git repository. Otherwise, if specified, + description: 'directory is the target directory + name. + + Must not contain or start with ''..''. If + ''.'' is supplied, the volume directory will + be the + + git repository. Otherwise, if specified, the volume will contain the git repository - in the subdirectory with the given name. + in + + the subdirectory with the given name.' type: string repository: description: repository is the URL @@ -2397,22 +3108,28 @@ objects: type: object glusterfs: description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' + on the host that shares a pod''s lifetime. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: description: 'endpoints is the endpoint name - that details Glusterfs topology. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + that details Glusterfs topology. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: description: 'readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + + Defaults to false. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints @@ -2420,31 +3137,139 @@ objects: type: object hostPath: description: 'hostPath represents a pre-existing - file or directory on the host machine that is - directly exposed to the container. This is generally + file or directory on the host + + machine that is directly exposed to the container. + This is generally + used for system agents or other privileged things - that are allowed to see the host machine. Most - containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can - use host directory mounts and who can/can not - mount host directories as read/write.' + that are allowed + + to see the host machine. Most containers will + NOT need this. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' properties: path: description: 'path of the directory on the host. + If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + link to the real path. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: 'type for HostPath Volume + + Defaults to "" + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object + image: + description: 'image represents an OCI object (a + container image or artifact) pulled and mounted + on the kubelet''s host machine. + + The volume is resolved at pod startup depending + on which PullPolicy value is provided: + + + - Always: the kubelet always attempts to pull + the reference. Container creation will fail If + the pull fails. + + - Never: the kubelet never pulls the reference + and only uses a local image or artifact. Container + creation will fail if the reference isn''t present. + + - IfNotPresent: the kubelet pulls if the reference + isn''t already present on disk. Container creation + will fail if the reference isn''t present and + the pull fails. + + + The volume gets re-resolved if the pod gets deleted + and recreated, which means that new remote content + will become available on pod recreation. + + A failure to resolve or pull the image during + pod startup will block containers from starting + and may add significant latency. Failures will + be retried using normal volume backoff and will + be reported on the pod reason and message. + + The types of objects that may be mounted by this + volume are defined by the container runtime implementation + on a host machine and at minimum must include + all valid types supported by the container image + field. + + The OCI object gets mounted in a single directory + (spec.containers[*].volumeMounts.mountPath) by + merging the manifest layers in the same way as + for container images. + + The volume will be mounted read-only (ro) and + non-executable files (noexec). + + Sub path mounts for containers are not supported + (spec.containers[*].volumeMounts.subpath). + + The field spec.securityContext.fsGroupChangePolicy + has no effect on this volume type.' + properties: + pullPolicy: + description: 'Policy for pulling OCI objects. + Possible values are: + + Always: the kubelet always attempts to pull + the reference. Container creation will fail + If the pull fails. + + Never: the kubelet never pulls the reference + and only uses a local image or artifact. Container + creation will fail if the reference isn''t + present. + + IfNotPresent: the kubelet pulls if the reference + isn''t already present on disk. Container + creation will fail if the reference isn''t + present and the pull fails. + + Defaults to Always if :latest tag is specified, + or IfNotPresent otherwise.' + type: string + reference: + description: 'Required: Image or artifact reference + to be used. + + Behaves in the same way as pod.spec.containers[*].image. + + Pull secrets will be assembled in the same + way as for the container image by looking + up node credentials, SA image pull secrets, + and pod spec image pull secrets. + + More info: https://kubernetes.io/docs/concepts/containers/images + + This field is optional to allow higher level + config management to default or override + + container images in workload controllers like + Deployments and StatefulSets.' + type: string + type: object iscsi: description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether @@ -2456,29 +3281,36 @@ objects: type: boolean fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. + description: 'initiatorName is the custom iSCSI + Initiator Name. + + If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface + + : will be created + for the connection.' type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface - Name that uses an iSCSI transport. Defaults - to 'default' (tcp). + default: default + description: 'iscsiInterface is the interface + Name that uses an iSCSI transport. + + Defaults to ''default'' (tcp).' type: string lun: description: lun represents iSCSI Target Lun @@ -2486,33 +3318,49 @@ objects: format: int32 type: integer portals: - description: portals is the iSCSI Target Portal + description: 'portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + if the port + + is other than default (typically TCP ports + 860 and 3260).' items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. + + Defaults to false.' type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. + description: 'targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + if the port + + is other than default (typically TCP ports + 860 and 3260).' type: string required: - iqn @@ -2520,26 +3368,37 @@ objects: - targetPortal type: object name: - description: 'name of the volume. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: 'name of the volume. + + Must be a DNS_LABEL and unique within the pod. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string nfs: description: 'nfs represents an NFS mount on the - host that shares a pod''s lifetime More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' + host that shares a pod''s lifetime + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: description: 'readOnly here will force the NFS export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + + Defaults to false. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + of the NFS server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path @@ -2547,17 +3406,24 @@ objects: type: object persistentVolumeClaim: description: 'persistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + represents a reference to a + + PersistentVolumeClaim in the same namespace. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + volume. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. + description: 'readOnly Will force the ReadOnly + setting in VolumeMounts. + + Default false.' type: boolean required: - claimName @@ -2568,11 +3434,14 @@ objects: host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string pdID: description: pdID is the ID that identifies @@ -2586,16 +3455,20 @@ objects: volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs". Implicitly inferred to be "ext4" if - unspecified. + description: 'fSType represents the filesystem + type to mount + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs". Implicitly inferred to + be "ext4" if unspecified.' type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean volumeID: description: volumeID uniquely identifies a @@ -2609,51 +3482,83 @@ objects: secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. + description: 'defaultMode are the mode bits + used to set permissions on created files by + default. + Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. Directories - within the path are not affected by this setting. + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set. + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer sources: - description: sources is the list of volume projections + description: 'sources is the list of volume + projections. Each entry in this list + + handles one source.' items: - description: Projection that may be projected - along with other supported volume types + description: 'Projection that may be projected + along with other supported volume types. + + Exactly one of these fields must be set.' properties: clusterTrustBundle: - description: "ClusterTrustBundle allows\ - \ a pod to access the `.spec.trustBundle`\ - \ field of ClusterTrustBundle objects\ - \ in an auto-updating file. \n Alpha,\ - \ gated by the ClusterTrustBundleProjection\ - \ feature gate. \n ClusterTrustBundle\ - \ objects can either be selected by\ - \ name, or by the combination of signer\ - \ name and a label selector. \n Kubelet\ - \ performs aggressive normalization\ - \ of the PEM contents written into the\ - \ pod filesystem. Esoteric PEM features\ - \ such as inter-block comments and block\ - \ headers are stripped. Certificates\ - \ are deduplicated. The ordering of\ - \ certificates within the file is arbitrary,\ - \ and Kubelet may change the order over\ - \ time." + description: 'ClusterTrustBundle allows + a pod to access the `.spec.trustBundle` + field + + of ClusterTrustBundle objects in an + auto-updating file. + + + Alpha, gated by the ClusterTrustBundleProjection + feature gate. + + + ClusterTrustBundle objects can either + be selected by name, or by the + + combination of signer name and a label + selector. + + + Kubelet performs aggressive normalization + of the PEM contents written + + into the pod filesystem. Esoteric PEM + features such as inter-block + + comments and block headers are stripped. Certificates + are deduplicated. + + The ordering of certificates within + the file is arbitrary, and Kubelet + + may change the order over time.' properties: labelSelector: - description: Select all ClusterTrustBundles + description: 'Select all ClusterTrustBundles that match this label selector. Only - has effect if signerName is set. Mutually-exclusive - with name. If unset, interpreted - as "match nothing". If set but - empty, interpreted as "match everything". + has + + effect if signerName is set. Mutually-exclusive + with name. If unset, + + interpreted as "match nothing". If + set but empty, interpreted as "match + + everything".' properties: matchExpressions: description: matchExpressions @@ -2661,11 +3566,12 @@ objects: requirements. The requirements are ANDed. items: - description: A label selector + description: 'A label selector requirement is a selector that contains values, a key, - and an operator that relates - the key and values. + and an operator that + + relates the key and values.' properties: key: description: key is the @@ -2673,70 +3579,91 @@ objects: applies to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists and DoesNotExist. + description: 'operator represents + a key''s relationship + to a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: values is an - array of string values. + description: 'values is + an array of string values. If the operator is In - or NotIn, the values array - must be non-empty. If - the operator is Exists - or DoesNotExist, the values - array must be empty. This - array is replaced during - a strategic merge patch. + or NotIn, + + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + + the values array must + be empty. This array is + replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a + description: 'matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key - field is "key", the operator - is "In", and the values array - contains only "value". The requirements - are ANDed. + field is "key", the + + operator is "In", and the values + array contains only "value". + The requirements are ANDed.' type: object type: object + x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle + description: 'Select a single ClusterTrustBundle by object name. Mutually-exclusive - with signerName and labelSelector. + + with signerName and labelSelector.' type: string optional: - description: If true, don't block + description: 'If true, don''t block pod startup if the referenced ClusterTrustBundle(s) - aren't available. If using name, + + aren''t available. If using name, then the named ClusterTrustBundle - is allowed not to exist. If using + is + + allowed not to exist. If using signerName, then the combination - of signerName and labelSelector - is allowed to match zero ClusterTrustBundles. + of + + signerName and labelSelector is + allowed to match zero + + ClusterTrustBundles.' type: boolean path: description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles - that match this signer name. Mutually-exclusive - with name. The contents of all - selected ClusterTrustBundles will - be unified and deduplicated. + description: 'Select all ClusterTrustBundles + that match this signer name. + + Mutually-exclusive with name. The + contents of all selected + + ClusterTrustBundles will be unified + and deduplicated.' type: string required: - path @@ -2746,21 +3673,30 @@ objects: the configMap data to project properties: items: - description: items if unspecified, + description: 'items if unspecified, each key-value pair in the Data - field of the referenced ConfigMap - will be projected into the volume - as a file whose name is the key - and content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the ConfigMap, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + field of the referenced + + ConfigMap will be projected into + the volume as a file whose name + is the + + key and content is the value. If + specified, the listed keys will + be + + projected into the specified paths, + and unlisted keys will not be + + present. If a key is specified which + is not present in the ConfigMap, + + the volume setup will error unless + it is marked optional. Paths must + be + + relative and may not contain the + ''..'' path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -2772,39 +3708,62 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + on this file. + + Must be an octal value between + 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: - description: path is the relative + description: 'path is the relative path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + key to. + + May not be an absolute path. + + May not contain the path element + ''..''. + + May not start with the string + ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional specify whether @@ -2812,6 +3771,7 @@ objects: defined type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: description: downwardAPI information about the downwardAPI data to project @@ -2827,8 +3787,8 @@ objects: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace - are supported.' + labels, name, namespace and + uid are supported.' properties: apiVersion: description: Version of @@ -2844,22 +3804,31 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this file, must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + value + + between 0000 and 0777 or a + decimal value between 0 and + 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: @@ -2875,10 +3844,11 @@ objects: resourceFieldRef: description: 'Selects a resource of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' + limits and requests + + (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' properties: containerName: description: 'Container @@ -2902,31 +3872,41 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret data to project properties: items: - description: items if unspecified, + description: 'items if unspecified, each key-value pair in the Data - field of the referenced Secret will - be projected into the volume as - a file whose name is the key and - content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the Secret, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + field of the referenced + + Secret will be projected into the + volume as a file whose name is the + + key and content is the value. If + specified, the listed keys will + be + + projected into the specified paths, + and unlisted keys will not be + + present. If a key is specified which + is not present in the Secret, + + the volume setup will error unless + it is marked optional. Paths must + be + + relative and may not contain the + ''..'' path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -2938,39 +3918,62 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + on this file. + + Must be an octal value between + 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: - description: path is the relative + description: 'path is the relative path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + key to. + + May not be an absolute path. + + May not contain the path element + ''..''. + + May not start with the string + ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional field specify @@ -2978,76 +3981,98 @@ objects: be defined type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended + description: 'audience is the intended audience of the token. A recipient - of a token must identify itself - with an identifier specified in - the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the - apiserver. + of a token + + must identify itself with an identifier + specified in the audience of the + + token, and otherwise should reject + the token. The audience defaults + to the + + identifier of the apiserver.' type: string expirationSeconds: - description: expirationSeconds is + description: 'expirationSeconds is the requested duration of validity - of the service account token. As - the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. - The kubelet will start trying to - rotate the token if the token is - older than 80 percent of its time - to live or if the token is older - than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. + of the service + + account token. As the token approaches + expiration, the kubelet volume + + plugin will proactively rotate the + service account token. The kubelet + will + + start trying to rotate the token + if the token is older than 80 percent + of + + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour + + and must be at least 10 minutes.' format: int64 type: integer path: - description: path is the path relative + description: 'path is the path relative to the mount point of the file to - project the token into. + project the + + token into.' type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group + description: 'group to map volume access to + + Default is no group' type: string readOnly: - description: readOnly here will force the Quobyte + description: 'readOnly here will force the Quobyte volume to be mounted with read-only permissions. - Defaults to false. + + Defaults to false.' type: boolean registry: - description: registry represents a single or - multiple Quobyte Registry services specified - as a string as host:port pair (multiple entries - are separated with commas) which acts as the - central registry for volumes + description: 'registry represents a single or + multiple Quobyte Registry services + + specified as a string as host:port pair (multiple + entries are separated with commas) + + which acts as the central registry for volumes' type: string tenant: - description: tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volumes, value is set - by the plugin + description: 'tenant owning the given Quobyte + volume in the Backend + + Used with dynamically provisioned Quobyte + volumes, value is set by the plugin' type: string user: - description: user to map volume access to Defaults - to serivceaccount user + description: 'user to map volume access to + + Defaults to serivceaccount user' type: string volume: description: volume is a string that references @@ -3060,57 +4085,93 @@ objects: rbd: description: 'rbd represents a Rados Block Device mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd' type: string image: description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: + default: /etc/ceph/keyring description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. + for RBDUser. + + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + monitors. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: rbd + description: 'pool is the rados pool name. + + Default is rbd. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + setting in VolumeMounts. + + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + secret for RBDUser. If provided + + overrides keyring. + + Default is nil. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: admin + description: 'user is the rados user name. + + Default is admin. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image @@ -3121,10 +4182,16 @@ objects: volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". + default: xfs + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". + + Default is "xfs".' type: string gateway: description: gateway is the host address of @@ -3136,31 +4203,45 @@ objects: storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. + description: 'secretRef references to the secret + for ScaleIO user and other + + sensitive information. If this is not provided, + Login operation will fail.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic sslEnabled: description: sslEnabled Flag enable/disable SSL communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. + default: ThinProvisioned + description: 'storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. + + Default is ThinProvisioned.' type: string storagePool: description: storagePool is the ScaleIO Storage @@ -3171,9 +4252,10 @@ objects: system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that - is associated with this volume source. + description: 'volumeName is the name of a volume + already created in the ScaleIO system + + that is associated with this volume source.' type: string required: - gateway @@ -3182,34 +4264,54 @@ objects: type: object secret: description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + populate this volume. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: description: 'defaultMode is Optional: mode bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values + + for mode bits. Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. + description: 'items If unspecified, each key-value + pair in the Data field of the referenced + + Secret will be projected into the volume as + a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the Secret, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -3220,38 +4322,50 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: 'path is the relative path + of the file to map the key to. + + May not be an absolute path. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: description: 'secretName is the name of the - secret in the pod''s namespace to use. More - info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + secret in the pod''s namespace to use. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: @@ -3259,45 +4373,69 @@ objects: attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: secretRef specifies the secret - to use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. + description: 'secretRef specifies the secret + to use for obtaining the StorageOS API + + credentials. If not specified, default values + will be attempted.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. + description: 'volumeName is the human-readable + name of the StorageOS volume. Volume + + names are only unique within a namespace.' type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will - be used. This allows the Kubernetes name - scoping to be mirrored within StorageOS for - tighter integration. Set VolumeName to any - name to override the default behaviour. Set - to "default" if you are not using namespaces - within StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. + description: 'volumeNamespace specifies the + scope of the volume within StorageOS. If + no + + namespace is specified then the Pod''s namespace + will be used. This allows the + + Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. + + Set VolumeName to any name to override the + default behaviour. + + Set to "default" if you are not using namespaces + within StorageOS. + + Namespaces that do not pre-exist within StorageOS + will be created.' type: string type: object vsphereVolume: @@ -3305,11 +4443,13 @@ objects: volume attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. + description: 'fsType is filesystem type to mount. + Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string storagePolicyID: description: storagePolicyID is the storage @@ -3337,24 +4477,34 @@ objects: format: int32 type: integer web: - description: If set to true, creates a service on the webPort - defined in the ClowdEnvironment resource, along with the - relevant liveness and readiness probes. + description: 'If set to true, creates a service on the webPort + defined in + + the ClowdEnvironment resource, along with the relevant liveness + and + + readiness probes.' type: boolean webServices: description: 'WebServices defines the structs for the three - exposed web services: public, private and metrics.' + exposed web services: public, + + private and metrics.' properties: metrics: - description: MetricsWebService is the definition of the - metrics web service. This is automatically enabled and - the configuration here at the moment is included for - completeness, as there are no configurable options. + description: 'MetricsWebService is the definition of the + metrics web service. This is automatically + + enabled and the configuration here at the moment is + included for completeness, as there + + are no configurable options.' type: object private: - description: PrivateWebService is the definition of the - private web service. There can be only one private service - managed by Clowder. + description: 'PrivateWebService is the definition of the + private web service. There can be only + + one private service managed by Clowder.' properties: appProtocol: description: AppProtocol determines the protocol to @@ -3372,15 +4522,17 @@ objects: - redis type: string enabled: - description: Enabled describes if Clowder should enable - the private service and provide the configuration - in the cdappconfig. + description: 'Enabled describes if Clowder should + enable the private service and provide the + + configuration in the cdappconfig.' type: boolean type: object public: - description: PublicWebService is the definition of the - public web service. There can be only one public service - managed by Clowder. + description: 'PublicWebService is the definition of the + public web service. There can be only + + one public service managed by Clowder.' properties: apiPath: description: (DEPRECATED, use apiPaths instead) Configures @@ -3399,9 +4551,10 @@ objects: type: string type: array enabled: - description: Enabled describes if Clowder should enable - the public service and provide the configuration - in the cdappconfig. + description: 'Enabled describes if Clowder should + enable the public service and provide the + + configuration in the cdappconfig.' type: boolean sessionAffinity: description: Set SessionAffinity to true to enable @@ -3424,30 +4577,43 @@ objects: description: Disabled turns off reconciliation for this ClowdApp type: boolean envName: - description: The name of the ClowdEnvironment resource that this - ClowdApp will use as its base. This does not mean that the ClowdApp - needs to be placed in the same directory as the targetNamespace - of the ClowdEnvironment. + description: 'The name of the ClowdEnvironment resource that this + ClowdApp will use as + + its base. This does not mean that the ClowdApp needs to be placed + in the + + same directory as the targetNamespace of the ClowdEnvironment.' type: string featureFlags: - description: If featureFlags is set to true, Clowder will pass configuration - of a FeatureFlags instance to the pods in the ClowdApp. This single - instance will be shared between all apps. + description: 'If featureFlags is set to true, Clowder will pass + configuration of a + + FeatureFlags instance to the pods in the ClowdApp. This single + + instance will be shared between all apps.' type: boolean inMemoryDb: - description: If inMemoryDb is set to true, Clowder will pass configuration + description: 'If inMemoryDb is set to true, Clowder will pass configuration + of an In Memory Database to the pods in the ClowdApp. This single - instance will be shared between all apps. + + instance will be shared between all apps.' type: boolean jobs: description: A list of jobs items: - description: Job defines a ClowdJob A Job struct will deploy as - a CronJob if `schedule` is set and will deploy as a Job if it - is not set. Unsupported fields will be dropped from Jobs + description: 'Job defines a ClowdJob + + A Job struct will deploy as a CronJob if `schedule` is set + + and will deploy as a Job if it is not set. Unsupported fields + + will be dropped from Jobs' properties: activeDeadlineSeconds: description: 'The activeDeadlineSeconds for the Job or CronJob. + More info: https://kubernetes.io/docs/concepts/workloads/controllers/job/' format: int64 type: integer @@ -3456,24 +4622,31 @@ objects: format: int32 type: integer concurrencyPolicy: - description: Defines the concurrency policy for the CronJob, - defaults to Allow Only applies to Cronjobs + description: 'Defines the concurrency policy for the CronJob, + defaults to Allow + + Only applies to Cronjobs' type: string disabled: - description: Disabled allows a job to be disabled, as such, - the resource is not created on the system and cannot be - invoked with a CJI + description: 'Disabled allows a job to be disabled, as such, + the resource is not + + created on the system and cannot be invoked with a CJI' type: boolean failedJobsHistoryLimit: - description: The number of failed finished jobs to retain. - Value must be non-negative integer. Defaults to 1. Only - applies to Cronjobs + description: 'The number of failed finished jobs to retain. + Value must be non-negative integer. + + Defaults to 1. + + Only applies to Cronjobs' format: int32 type: integer name: - description: Name defines identifier of the Job. This name - will be used to name the CronJob resource, the container - will be name identically. + description: 'Name defines identifier of the Job. This name + will be used to name the + + CronJob resource, the container will be name identically.' type: string parallelism: description: Defines the parallelism of the job @@ -3507,16 +4680,29 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". + expanded + + using the previously defined environment variables + in the container and + + any service environment variables. If a variable + cannot be resolved, + + the reference in the input string will be unchanged. + Double $$ are reduced + + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". + Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults - to "".' + of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -3529,10 +4715,18 @@ objects: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -3541,12 +4735,14 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath @@ -3559,11 +4755,13 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + only resources limits and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -3585,6 +4783,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -3594,10 +4793,18 @@ objects: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret @@ -3606,6 +4813,7 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -3619,10 +4827,13 @@ objects: description: A list of init containers used to perform at-startup operations. items: - description: InitContainer is a struct defining a k8s - init container. This will be deployed along with the - parent pod and is used to carry out one time initialization - procedures. + description: 'InitContainer is a struct defining a k8s + init container. This will be + + deployed along with the parent pod and is used to + carry out one time + + initialization procedures.' properties: args: description: A list of args to be passed to the @@ -3649,17 +4860,29 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and + are expanded + + using the previously defined environment + variables in the container and + any service environment variables. If a - variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Defaults to "".' + "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -3672,10 +4895,20 @@ objects: description: The key to select. type: string name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -3684,10 +4917,12 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' properties: @@ -3703,12 +4938,14 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: only resources limits and - requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -3731,6 +4968,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -3741,10 +4979,20 @@ objects: secret key. type: string name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret @@ -3753,19 +5001,23 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array image: - description: Image refers to the container image - used to create the init container (if different - from the primary pod image). + description: 'Image refers to the container image + used to create the init container + + (if different from the primary pod image).' type: string inheritEnv: - description: If true, inheirts the environment variables - from the parent pod. specification + description: 'If true, inheirts the environment + variables from the parent pod. + + specification' type: boolean name: description: Name gives an identifier in the situation @@ -3779,37 +5031,51 @@ objects: properties: postStart: description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according - to its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + a container is created. If the handler fails, + + the container is terminated and restarted according + to its restart policy. + + Other management of the container blocks until the + hook completes. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. + description: 'Command is the command line + to execute inside the container, the working + directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, + it is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To + use + + a shell, you need to explicitly call out + to that shell. + Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults + description: 'Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the @@ -3819,10 +5085,11 @@ objects: header to be used in HTTP probes properties: name: - description: The header field name. + description: 'The header field name. + This will be canonicalized upon output, so case-variant names will be understood - as the same header. + as the same header.' type: string value: description: The header field value @@ -3832,6 +5099,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3839,14 +5107,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Name or number of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port @@ -3864,11 +5136,14 @@ objects: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: 'Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept + + for the backward compatibility. There are no + validation of this field and + + lifecycle hooks will fail in runtime when tcp + handler is specified.' properties: host: description: 'Optional: Host name to connect @@ -3878,10 +5153,12 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Number or name of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -3889,45 +5166,65 @@ objects: type: object preStop: description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. The - handler is not called if the container crashes or - exits. The Pod''s termination grace period countdown - begins before the PreStop hook is executed. Regardless - of the outcome of the handler, the container will - eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other - management of the container blocks until the hook - completes or until the termination grace period - is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + a container is terminated due to an + + API request or management event such as liveness/startup + probe failure, + + preemption, resource contention, etc. The handler + is not called if the + + container crashes or exits. The Pod''s termination + grace period countdown begins before the + + PreStop hook is executed. Regardless of the outcome + of the handler, the + + container will eventually terminate within the Pod''s + termination grace + + period (unless delayed by finalizers). Other management + of the container blocks until the hook completes + + or until the termination grace period is reached. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. + description: 'Command is the command line + to execute inside the container, the working + directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, + it is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To + use + + a shell, you need to explicitly call out + to that shell. + Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults + description: 'Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the @@ -3937,10 +5234,11 @@ objects: header to be used in HTTP probes properties: name: - description: The header field name. + description: 'The header field name. + This will be canonicalized upon output, so case-variant names will be understood - as the same header. + as the same header.' type: string value: description: The header field value @@ -3950,6 +5248,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3957,14 +5256,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Name or number of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port @@ -3982,11 +5285,14 @@ objects: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. + description: 'Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept + + for the backward compatibility. There are no + validation of this field and + + lifecycle hooks will fail in runtime when tcp + handler is specified.' properties: host: description: 'Optional: Host name to connect @@ -3996,10 +5302,12 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. + description: 'Number or name of the port to + access on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -4007,32 +5315,47 @@ objects: type: object type: object livenessProbe: - description: A pass-through of a Liveness Probe specification - in standard k8s format. If omitted, a standard probe - will be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: 'A pass-through of a Liveness Probe specification + in standard k8s format. + + If omitted, a standard probe will be setup point to + the webPort defined + + in the ClowdEnvironment and a path of /healthz. Ignored + if Web is set to + + false.' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute + description: 'Command is the command line to execute inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, it + is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To use + + a shell, you need to explicitly call out to + that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the + description: 'Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -4045,11 +5368,15 @@ objects: format: int32 type: integer service: - description: "Service is the name of the service\ - \ to place in the gRPC HealthCheckRequest (see\ - \ https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\ - \ \n If this is not specified, the default behavior\ - \ is defined by gRPC." + default: '' + description: 'Service is the name of the service + to place in the gRPC HealthCheckRequest + + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior + is defined by gRPC.' type: string required: - port @@ -4059,9 +5386,10 @@ objects: perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: 'Host name to connect to, defaults + to the pod IP. You probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the request. @@ -4071,10 +5399,11 @@ objects: to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: 'The header field name. + + This will be canonicalized upon output, + so case-variant names will be understood + as the same header.' type: string value: description: The header field value @@ -4084,6 +5413,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4091,13 +5421,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Name or number of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: 'Scheme to use for connecting to + the host. + + Defaults to HTTP.' type: string required: - port @@ -4105,19 +5440,23 @@ objects: initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to perform the + probe. + + Default to 10 seconds. Minimum value is 1.' format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the + description: 'Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. + Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -4132,35 +5471,53 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Number or name of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod + description: 'Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by the pod spec. + + Value must be non-negative integer. The value zero + indicates stop immediately via + + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + times out. + + Defaults to 1 second. Minimum value is 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -4178,32 +5535,47 @@ objects: type: object type: object readinessProbe: - description: A pass-through of a Readiness Probe specification - in standard k8s format. If omitted, a standard probe - will be setup point to the webPort defined in the ClowdEnvironment - and a path of /healthz. Ignored if Web is set to false. + description: 'A pass-through of a Readiness Probe specification + in standard k8s format. + + If omitted, a standard probe will be setup point to + the webPort defined + + in the ClowdEnvironment and a path of /healthz. Ignored + if Web is set to + + false.' properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute + description: 'Command is the command line to execute inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + for the + + command is root (''/'') in the container''s + filesystem. The command is simply exec''d, it + is + + not run inside a shell, so traditional shell + instructions (''|'', etc) won''t work. To use + + a shell, you need to explicitly call out to + that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: Minimum consecutive failures for the + description: 'Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -4216,11 +5588,15 @@ objects: format: int32 type: integer service: - description: "Service is the name of the service\ - \ to place in the gRPC HealthCheckRequest (see\ - \ https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\ - \ \n If this is not specified, the default behavior\ - \ is defined by gRPC." + default: '' + description: 'Service is the name of the service + to place in the gRPC HealthCheckRequest + + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior + is defined by gRPC.' type: string required: - port @@ -4230,9 +5606,10 @@ objects: perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + description: 'Host name to connect to, defaults + to the pod IP. You probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in the request. @@ -4242,10 +5619,11 @@ objects: to be used in HTTP probes properties: name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. + description: 'The header field name. + + This will be canonicalized upon output, + so case-variant names will be understood + as the same header.' type: string value: description: The header field value @@ -4255,6 +5633,7 @@ objects: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4262,13 +5641,18 @@ objects: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Name or number of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: 'Scheme to use for connecting to + the host. + + Defaults to HTTP.' type: string required: - port @@ -4276,19 +5660,23 @@ objects: initialDelaySeconds: description: 'Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to perform the + probe. + + Default to 10 seconds. Minimum value is 1.' format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the + description: 'Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. + Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -4303,60 +5691,100 @@ objects: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: 'Number or name of the port to access + on the container. + + Number must be in the range 1 to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod + description: 'Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by the pod spec. + + Value must be non-negative integer. The value zero + indicates stop immediately via + + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + times out. + + Defaults to 1 second. Minimum value is 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object resources: - description: A pass-through of a resource requirements - in k8s ResourceRequirements format. If omitted, the - default resource requirements from the ClowdEnvironment - will be used. + description: 'A pass-through of a resource requirements + in k8s ResourceRequirements + + format. If omitted, the default resource requirements + from the + + ClowdEnvironment will be used.' properties: claims: - description: "Claims lists the names of resources,\ - \ defined in spec.resourceClaims, that are used\ - \ by this container. \n This is an alpha field and\ - \ requires enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable. It can\ - \ only be set for containers." + description: 'Claims lists the names of resources, + defined in spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for + containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. + description: 'Name must match the name of one + entry in pod.spec.resourceClaims of + + the Pod where this field is used. It makes + that resource available + + inside a container.' + type: string + request: + description: 'Request is the name chosen for + a request in the referenced claim. + + If empty, everything from the claim is made + available, otherwise + + only the result of this request.' type: string required: - name @@ -4373,7 +5801,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -4383,11 +5813,15 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources required. + + If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, + + otherwise to an implementation-defined value. Requests + cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sidecars: @@ -4409,8 +5843,10 @@ objects: type: object type: array terminationGracePeriodSeconds: - description: A pass-through of TerminationGracePeriodSeconds - specification in standard k8s format default is 30 seconds + description: 'A pass-through of TerminationGracePeriodSeconds + specification in standard k8s format + + default is 30 seconds' format: int64 type: integer volumeMounts: @@ -4421,36 +5857,90 @@ objects: within a container. properties: mountPath: - description: Path within the container at which - the volume should be mounted. Must not contain - ':'. + description: 'Path within the container at which + the volume should be mounted. Must + + not contain '':''.' type: string mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + description: 'mountPropagation determines how mounts + are propagated from the host + + to container and the other way around. + + When not set, MountPropagationNone is used. + + This field is beta in 1.10. + + When RecursiveReadOnly is set to IfPossible or + to Enabled, MountPropagation must be None or unspecified + + (which defaults to None).' type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. + description: 'Mounted read-only if true, read-write + otherwise (false or unspecified). + + Defaults to false.' type: boolean + recursiveReadOnly: + description: 'RecursiveReadOnly specifies whether + read-only mounts should be handled + + recursively. + + + If ReadOnly is false, this field has no meaning + and must be unspecified. + + + If ReadOnly is true, and this field is set to + Disabled, the mount is not made + + recursively read-only. If this field is set to + IfPossible, the mount is made + + recursively read-only, if it is supported by the + container runtime. If this + + field is set to Enabled, the mount is made recursively + read-only if it is + + supported by the container runtime, otherwise + the pod will not be started and + + an error will be generated to indicate the reason. + + + If this field is set to IfPossible or Enabled, + MountPropagation must be set to + + None (or be unspecified, which defaults to None). + + + If this field is not specified, it is treated + as an equivalent of Disabled.' + type: string subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults - to "" (volume's root). + description: 'Path within the volume from which + the container''s volume should be mounted. + + Defaults to "" (volume''s root).' type: string subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. + description: 'Expanded path within the volume from + which the container''s volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the - container's environment. Defaults to "" (volume's - root). SubPathExpr and SubPath are mutually exclusive. + container''s environment. + + Defaults to "" (volume''s root). + + SubPathExpr and SubPath are mutually exclusive.' type: string required: - mountPath @@ -4466,38 +5956,49 @@ objects: properties: awsElasticBlockStore: description: 'awsElasticBlockStore represents an - AWS Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + AWS Disk resource that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string partition: description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' + the volume that you want to mount. + + If omitted, the default is to mount by volume + name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: description: 'readOnly value true will force - the readOnly setting in VolumeMounts. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + the readOnly setting in VolumeMounts. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: description: 'volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: @@ -4520,11 +6021,14 @@ objects: in the blob storage type: string fsType: - description: fsType is Filesystem type to mount. + default: ext4 + description: 'fsType is Filesystem type to mount. + Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string kind: description: 'kind expected values are Shared: @@ -4534,9 +6038,11 @@ objects: set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + default: false + description: 'readOnly Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean required: - diskName @@ -4548,9 +6054,10 @@ objects: pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretName: description: secretName is the name of secret @@ -4570,11 +6077,13 @@ objects: properties: monitors: description: 'monitors is Required: Monitors - is a collection of Ceph monitors More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + is a collection of Ceph monitors + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, @@ -4583,30 +6092,47 @@ objects: readOnly: description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts. + force + + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: description: 'secretFile is Optional: SecretFile is the path to key ring for User, default - is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + is /etc/ceph/user.secret + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: description: 'secretRef is Optional: SecretRef is reference to the authentication secret - for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + for User, default is empty. + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic user: description: 'user is optional: User is the - rados user name, default is admin More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + rados user name, default is admin + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors @@ -4614,35 +6140,57 @@ objects: cinder: description: 'cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + to mount. + + Must be a filesystem type supported by the + host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + ReadOnly here will force + + the ReadOnly setting in VolumeMounts. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: description: 'secretRef is optional: points to a secret object containing parameters used - to connect to OpenStack.' + to connect + + to OpenStack.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic volumeID: description: 'volumeID used to identify the - volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + volume in cinder. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID @@ -4654,29 +6202,47 @@ objects: defaultMode: description: 'defaultMode is optional: mode bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, the - volume setup will error unless it is marked - optional. Paths must be relative and may not - contain the '..' path or start with '..'. + description: 'items if unspecified, each key-value + pair in the Data field of the referenced + + ConfigMap will be projected into the volume + as a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the ConfigMap, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -4687,87 +6253,129 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: 'path is the relative path + of the file to map the key to. + + May not be an absolute path. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but due + to backwards compatibility is + + allowed to be empty. Instances of this type + with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object + x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. + description: 'driver is the name of the CSI + driver that handles this volume. + + Consult with your admin for the correct name + as registered in the cluster.' type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which - will determine the default filesystem to apply. + description: 'fsType to mount. Ex. "ext4", "xfs", + "ntfs". + + If not provided, the empty value is passed + to the associated CSI driver + + which will determine the default filesystem + to apply.' type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive - information to pass to the CSI driver to complete - the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may be - empty if no secret is required. If the secret - object contains more than one secret, all - secret references are passed. + description: 'nodePublishSecretRef is a reference + to the secret object containing + + sensitive information to pass to the CSI driver + to complete the CSI + + NodePublishVolume and NodeUnpublishVolume + calls. + + This field is optional, and may be empty + if no secret is required. If the + + secret object contains more than one secret, + all secret references are passed.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only - configuration for the volume. Defaults to - false (read/write). + description: 'readOnly specifies a read-only + configuration for the volume. + + Defaults to false (read/write).' type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. + description: 'volumeAttributes stores driver-specific + properties that are passed to the CSI + + driver. Consult your driver''s documentation + for supported values.' type: object required: - driver @@ -4778,17 +6386,27 @@ objects: properties: defaultMode: description: 'Optional: mode bits to use on - created files by default. Must be a Optional: - mode bits used to set permissions on created - files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + created files by default. Must be a + + Optional: mode bits used to set permissions + on created files by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: @@ -4802,7 +6420,7 @@ objects: fieldRef: description: 'Required: Selects a field of the pod: only annotations, labels, - name and namespace are supported.' + name, namespace and uid are supported.' properties: apiVersion: description: Version of the schema @@ -4816,19 +6434,27 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this file, must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. + be an octal value + + between 0000 and 0777 or a decimal value + between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values - for mode bits. If not specified, the - volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set.' + for mode bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: @@ -4842,9 +6468,10 @@ objects: resourceFieldRef: description: 'Selects a resource of the container: only resources limits and - requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) are - currently supported.' + requests + + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' properties: containerName: description: 'Container name: required @@ -4866,21 +6493,29 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + that shares a pod''s lifetime. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: description: 'medium represents what type of storage medium should back this directory. + The default is "" which means to use the node''s - default medium. Must be an empty string (default) - or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + default medium. + + Must be an empty string (default) or Memory. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: @@ -4888,114 +6523,173 @@ objects: - type: string description: 'sizeLimit is the total amount of local storage required for this EmptyDir - volume. The size limit is also applicable - for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value - between the SizeLimit specified here and the - sum of memory limits of all containers in - a pod. The default is nil which means that - the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + volume. + + The size limit is also applicable for memory + medium. + + The maximum usage on memory medium EmptyDir + would be the minimum value between + + the SizeLimit specified here and the sum of + memory limits of all containers in a pod. + + The default is nil which means that the limit + is undefined. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: description: "ephemeral represents a volume that\ - \ is handled by a cluster storage driver. The\ + \ is handled by a cluster storage driver.\nThe\ \ volume's lifecycle is tied to the pod that defines\ - \ it - it will be created before the pod starts,\ - \ and deleted when the pod is removed. \n Use\ - \ this if: a) the volume is only needed while\ - \ the pod runs, b) features of normal volumes\ - \ like restoring from snapshot or capacity tracking\ - \ are needed, c) the storage driver is specified\ - \ through a storage class, and d) the storage\ + \ it - it will be created before the pod starts,\n\ + and deleted when the pod is removed.\n\nUse this\ + \ if:\na) the volume is only needed while the\ + \ pod runs,\nb) features of normal volumes like\ + \ restoring from snapshot or capacity\n tracking\ + \ are needed,\nc) the storage driver is specified\ + \ through a storage class, and\nd) the storage\ \ driver supports dynamic volume provisioning\ - \ through a PersistentVolumeClaim (see EphemeralVolumeSource\ - \ for more information on the connection between\ - \ this volume type and PersistentVolumeClaim).\ - \ \n Use PersistentVolumeClaim or one of the vendor-specific\ - \ APIs for volumes that persist for longer than\ - \ the lifecycle of an individual pod. \n Use CSI\ - \ for light-weight local ephemeral volumes if\ - \ the CSI driver is meant to be used that way\ - \ - see the documentation of the driver for more\ - \ information. \n A pod can use both types of\ - \ ephemeral volumes and persistent volumes at\ - \ the same time." + \ through\n a PersistentVolumeClaim (see EphemeralVolumeSource\ + \ for more\n information on the connection between\ + \ this volume type\n and PersistentVolumeClaim).\n\ + \nUse PersistentVolumeClaim or one of the vendor-specific\n\ + APIs for volumes that persist for longer than\ + \ the lifecycle\nof an individual pod.\n\nUse\ + \ CSI for light-weight local ephemeral volumes\ + \ if the CSI driver is meant to\nbe used that\ + \ way - see the documentation of the driver for\n\ + more information.\n\nA pod can use both types\ + \ of ephemeral volumes and\npersistent volumes\ + \ at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone\ - \ PVC to provision the volume. The pod in\ - \ which this EphemeralVolumeSource is embedded\ - \ will be the owner of the PVC, i.e. the PVC\ - \ will be deleted together with the pod. \ - \ The name of the PVC will be `-` where `` is the name\ - \ from the `PodSpec.Volumes` array entry.\ - \ Pod validation will reject the pod if the\ - \ concatenated name is not valid for a PVC\ - \ (for example, too long). \n An existing\ - \ PVC with that name that is not owned by\ - \ the pod will *not* be used for the pod to\ - \ avoid using an unrelated volume by mistake.\ - \ Starting the pod is then blocked until the\ - \ unrelated PVC is removed. If such a pre-created\ - \ PVC is meant to be used by the pod, the\ - \ PVC has to updated with an owner reference\ - \ to the pod once the pod exists. Normally\ - \ this should not be necessary, but it may\ - \ be useful when manually reconstructing a\ - \ broken cluster. \n This field is read-only\ - \ and no changes will be made by Kubernetes\ - \ to the PVC after it has been created. \n\ - \ Required, must not be nil." + description: 'Will be used to create a stand-alone + PVC to provision the volume. + + The pod in which this EphemeralVolumeSource + is embedded will be the + + owner of the PVC, i.e. the PVC will be deleted + together with the + + pod. The name of the PVC will be `-` where + + `` is the name from the `PodSpec.Volumes` + array + + entry. Pod validation will reject the pod + if the concatenated name + + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not + owned by the pod + + will *not* be used for the pod to avoid using + an unrelated + + volume by mistake. Starting the pod is then + blocked until + + the unrelated PVC is removed. If such a pre-created + PVC is + + meant to be used by the pod, the PVC has to + updated with an + + owner reference to the pod once the pod exists. + Normally + + this should not be necessary, but it may be + useful when + + manually reconstructing a broken cluster. + + + This field is read-only and no changes will + be made by Kubernetes + + to the PVC after it has been created. + + + Required, must not be nil.' properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when - creating it. No other fields are allowed - and will be rejected during validation. + description: 'May contain labels and annotations + that will be copied into the PVC + + when creating it. No other fields are + allowed and will be rejected during + + validation.' type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged - into the PVC that gets created from this + description: 'The specification for the + PersistentVolumeClaim. The entire content + is + + copied unchanged into the PVC that gets + created from this + template. The same fields as in a PersistentVolumeClaim - are also valid here. + + are also valid here.' properties: accessModes: description: 'accessModes contains the desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + have. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + used to specify either: + + * An existing VolumeSnapshot object + (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified - data source, it will create a new - volume based on the contents of the - specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource - contents will be copied to dataSourceRef, + data source, + + it will create a new volume based + on the contents of the specified data + source. + + When the AnyVolumeDataSource feature + gate is enabled, dataSource contents + will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace - is specified, then dataSourceRef will - not be copied to dataSource.' + is not specified. + + If the namespace is specified, then + dataSourceRef will not be copied to + dataSource.' properties: apiGroup: - description: APIGroup is the group + description: 'APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + the core API group. + + For any other third-party types, + APIGroup is required.' type: string kind: description: Kind is the type of @@ -5009,58 +6703,62 @@ objects: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate - the volume with data, if a non-empty - volume is desired. This may be any - object from a non-empty API group - (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if - the type of the specified object matches - some installed volume populator or - dynamic provisioner. This field will - replace the functionality of the dataSource - field and as such if both fields are - non-empty, they must have the same - value. For backwards compatibility, - when namespace isn''t specified in - dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to - the same value automatically if one - of them is empty and the other is - non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be - empty. There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two - specific types of objects, dataSourceRef - allows any non-core object, as well - as PersistentVolumeClaim objects. - * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is - specified. * While dataSource only - allows local objects, dataSourceRef - allows objects in any namespaces. - (Beta) Using this field requires the - AnyVolumeDataSource feature gate to - be enabled. (Alpha) Using the namespace - field of dataSourceRef requires the - CrossNamespaceVolumeDataSource feature - gate to be enabled.' + description: "dataSourceRef specifies\ + \ the object from which to populate\ + \ the volume with data, if a non-empty\n\ + volume is desired. This may be any\ + \ object from a non-empty API group\ + \ (non\ncore object) or a PersistentVolumeClaim\ + \ object.\nWhen this field is specified,\ + \ volume binding will only succeed\ + \ if the type of\nthe specified object\ + \ matches some installed volume populator\ + \ or dynamic\nprovisioner.\nThis field\ + \ will replace the functionality of\ + \ the dataSource field and as such\n\ + if both fields are non-empty, they\ + \ must have the same value. For backwards\n\ + compatibility, when namespace isn't\ + \ specified in dataSourceRef,\nboth\ + \ fields (dataSource and dataSourceRef)\ + \ will be set to the same\nvalue automatically\ + \ if one of them is empty and the\ + \ other is non-empty.\nWhen namespace\ + \ is specified in dataSourceRef,\n\ + dataSource isn't set to the same value\ + \ and must be empty.\nThere are three\ + \ important differences between dataSource\ + \ and dataSourceRef:\n* While dataSource\ + \ only allows two specific types of\ + \ objects, dataSourceRef\n allows\ + \ any non-core object, as well as\ + \ PersistentVolumeClaim objects.\n\ + * While dataSource ignores disallowed\ + \ values (dropping them), dataSourceRef\n\ + \ preserves all values, and generates\ + \ an error if a disallowed value is\n\ + \ specified.\n* While dataSource\ + \ only allows local objects, dataSourceRef\ + \ allows objects\n in any namespaces.\n\ + (Beta) Using this field requires the\ + \ AnyVolumeDataSource feature gate\ + \ to be enabled.\n(Alpha) Using the\ + \ namespace field of dataSourceRef\ + \ requires the CrossNamespaceVolumeDataSource\ + \ feature gate to be enabled." properties: apiGroup: - description: APIGroup is the group + description: 'APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + the core API group. + + For any other third-party types, + APIGroup is required.' type: string kind: description: Kind is the type of @@ -5071,17 +6769,20 @@ objects: resource being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant + description: 'Namespace is the namespace + of resource being referenced + + Note that when a namespace is + specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent - namespace to allow that namespace's + namespace to allow that namespace''s owner to accept the reference. See the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. + for details. + + (Alpha) This field requires the + CrossNamespaceVolumeDataSource + feature gate to be enabled.' type: string required: - kind @@ -5090,13 +6791,19 @@ objects: resources: description: 'resources represents the minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but - must still be higher than capacity - recorded in the status field of the - claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + have. + + If RecoverVolumeExpansionFailure feature + is enabled users are allowed to specify + resource requirements + + that are lower than previous value + but must still be higher than capacity + recorded in the + + status field of the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -5107,7 +6814,9 @@ objects: x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -5118,12 +6827,16 @@ objects: x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute - resources required. If Requests - is omitted for a container, it - defaults to Limits if that is - explicitly specified, otherwise - to an implementation-defined value. - Requests cannot exceed Limits. + resources required. + + If Requests is omitted for a container, + it defaults to Limits if that + is explicitly specified, + + otherwise to an implementation-defined + value. Requests cannot exceed + Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object @@ -5136,11 +6849,12 @@ objects: a list of label selector requirements. The requirements are ANDed. items: - description: A label selector + description: 'A label selector requirement is a selector that contains values, a key, and - an operator that relates the - key and values. + an operator that + + relates the key and values.' properties: key: description: key is the label @@ -5148,83 +6862,112 @@ objects: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: 'operator represents + a key''s relationship to + a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: values is an + description: 'values is an array of string values. If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, + NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + the values array must be empty. This array is replaced - during a strategic merge - patch. + during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map + description: 'matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + field is "key", the + + operator is "In", and the values + array contains only "value". The + requirements are ANDed.' type: object type: object + x-kubernetes-map-type: atomic storageClassName: description: 'storageClassName is the name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + by the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass - used by this claim. If specified, - the CSI driver will create or update - the volume with the attributes defined + used by this claim. + + If specified, the CSI driver will + create or update the volume with the + attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than - storageClassName, it can be changed - after the claim is created. An empty - string value means that no VolumeAttributesClass + storageClassName, + + it can be changed after the claim + is created. An empty string value + means that no VolumeAttributesClass + will be applied to the claim but it''s not allowed to reset this field to - empty string once it is set. If unspecified - and the PersistentVolumeClaim is unbound, - the default VolumeAttributesClass + empty string once it is set. + + If unspecified and the PersistentVolumeClaim + is unbound, the default VolumeAttributesClass + will be set by the persistentvolume - controller if it exists. If the resource - referred to by volumeAttributesClass + controller if it exists. + + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim - will be set to a Pending state, as - reflected by the modifyVolumeStatus - field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires - the VolumeAttributesClass feature - gate to be enabled.' + will be + + set to a Pending state, as reflected + by the modifyVolumeStatus field, until + such as a resource + + exists. + + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + + (Beta) Using this field requires the + VolumeAttributesClass feature gate + to be enabled (off by default).' type: string volumeMode: - description: volumeMode defines what + description: 'volumeMode defines what type of volume is required by the - claim. Value of Filesystem is implied - when not included in claim spec. + claim. + + Value of Filesystem is implied when + not included in claim spec.' type: string volumeName: description: volumeName is the binding @@ -5243,11 +6986,13 @@ objects: properties: fsType: description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string lun: description: 'lun is Optional: FC target lun @@ -5257,7 +7002,9 @@ objects: readOnly: description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + force + + the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target @@ -5265,30 +7012,37 @@ objects: items: type: string type: array + x-kubernetes-list-type: atomic wwids: description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not - both simultaneously.' + wide identifiers (wwids) + + Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an - exec based plugin. + description: 'flexVolume represents a generic volume + resource that is + + provisioned/attached using an exec based plugin.' properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends - on FlexVolume script. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script.' type: string options: additionalProperties: @@ -5299,24 +7053,41 @@ objects: readOnly: description: 'readOnly is Optional: defaults to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: description: 'secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' + scripts. This may be + + empty if no secret object is specified. If + the secret object + + contains more than one secret, all secrets + are passed to the plugin + + scripts.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -5326,9 +7097,11 @@ objects: on the Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset + description: 'datasetName is Name of the dataset stored as metadata -> name on the dataset - for Flocker should be considered as deprecated + for Flocker + + should be considered as deprecated' type: string datasetUUID: description: datasetUUID is the UUID of the @@ -5338,38 +7111,54 @@ objects: type: object gcePersistentDisk: description: 'gcePersistentDisk represents a GCE - Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + Disk resource that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' + volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string partition: description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + the volume that you want to mount. + + If omitted, the default is to mount by volume + name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty). + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: description: 'pdName is unique name of the PD resource in GCE. Used to identify the disk - in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + in GCE. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + setting in VolumeMounts. + + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: @@ -5377,19 +7166,29 @@ objects: type: object gitRepo: description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated. To provision a container with a - git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the - EmptyDir into the Pod''s container.' + at a particular revision. + + DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an + + EmptyDir into an InitContainer that clones the + repo using git, then mount the EmptyDir + + into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will - be the git repository. Otherwise, if specified, + description: 'directory is the target directory + name. + + Must not contain or start with ''..''. If + ''.'' is supplied, the volume directory will + be the + + git repository. Otherwise, if specified, the volume will contain the git repository - in the subdirectory with the given name. + in + + the subdirectory with the given name.' type: string repository: description: repository is the URL @@ -5403,22 +7202,28 @@ objects: type: object glusterfs: description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' + on the host that shares a pod''s lifetime. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: description: 'endpoints is the endpoint name - that details Glusterfs topology. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + that details Glusterfs topology. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: description: 'readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + + Defaults to false. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints @@ -5426,31 +7231,139 @@ objects: type: object hostPath: description: 'hostPath represents a pre-existing - file or directory on the host machine that is - directly exposed to the container. This is generally + file or directory on the host + + machine that is directly exposed to the container. + This is generally + used for system agents or other privileged things - that are allowed to see the host machine. Most - containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can - use host directory mounts and who can/can not - mount host directories as read/write.' + that are allowed + + to see the host machine. Most containers will + NOT need this. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' properties: path: description: 'path of the directory on the host. + If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + link to the real path. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: 'type for HostPath Volume + + Defaults to "" + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object + image: + description: 'image represents an OCI object (a + container image or artifact) pulled and mounted + on the kubelet''s host machine. + + The volume is resolved at pod startup depending + on which PullPolicy value is provided: + + + - Always: the kubelet always attempts to pull + the reference. Container creation will fail If + the pull fails. + + - Never: the kubelet never pulls the reference + and only uses a local image or artifact. Container + creation will fail if the reference isn''t present. + + - IfNotPresent: the kubelet pulls if the reference + isn''t already present on disk. Container creation + will fail if the reference isn''t present and + the pull fails. + + + The volume gets re-resolved if the pod gets deleted + and recreated, which means that new remote content + will become available on pod recreation. + + A failure to resolve or pull the image during + pod startup will block containers from starting + and may add significant latency. Failures will + be retried using normal volume backoff and will + be reported on the pod reason and message. + + The types of objects that may be mounted by this + volume are defined by the container runtime implementation + on a host machine and at minimum must include + all valid types supported by the container image + field. + + The OCI object gets mounted in a single directory + (spec.containers[*].volumeMounts.mountPath) by + merging the manifest layers in the same way as + for container images. + + The volume will be mounted read-only (ro) and + non-executable files (noexec). + + Sub path mounts for containers are not supported + (spec.containers[*].volumeMounts.subpath). + + The field spec.securityContext.fsGroupChangePolicy + has no effect on this volume type.' + properties: + pullPolicy: + description: 'Policy for pulling OCI objects. + Possible values are: + + Always: the kubelet always attempts to pull + the reference. Container creation will fail + If the pull fails. + + Never: the kubelet never pulls the reference + and only uses a local image or artifact. Container + creation will fail if the reference isn''t + present. + + IfNotPresent: the kubelet pulls if the reference + isn''t already present on disk. Container + creation will fail if the reference isn''t + present and the pull fails. + + Defaults to Always if :latest tag is specified, + or IfNotPresent otherwise.' + type: string + reference: + description: 'Required: Image or artifact reference + to be used. + + Behaves in the same way as pod.spec.containers[*].image. + + Pull secrets will be assembled in the same + way as for the container image by looking + up node credentials, SA image pull secrets, + and pod spec image pull secrets. + + More info: https://kubernetes.io/docs/concepts/containers/images + + This field is optional to allow higher level + config management to default or override + + container images in workload controllers like + Deployments and StatefulSets.' + type: string + type: object iscsi: description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + that is attached to a + + kubelet''s host machine and then exposed to the + pod. + + More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether @@ -5462,29 +7375,36 @@ objects: type: boolean fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. + description: 'initiatorName is the custom iSCSI + Initiator Name. + + If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface + + : will be created + for the connection.' type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface - Name that uses an iSCSI transport. Defaults - to 'default' (tcp). + default: default + description: 'iscsiInterface is the interface + Name that uses an iSCSI transport. + + Defaults to ''default'' (tcp).' type: string lun: description: lun represents iSCSI Target Lun @@ -5492,33 +7412,49 @@ objects: format: int32 type: integer portals: - description: portals is the iSCSI Target Portal + description: 'portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + if the port + + is other than default (typically TCP ports + 860 and 3260).' items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. + + Defaults to false.' type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. + description: 'targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + if the port + + is other than default (typically TCP ports + 860 and 3260).' type: string required: - iqn @@ -5526,26 +7462,37 @@ objects: - targetPortal type: object name: - description: 'name of the volume. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: 'name of the volume. + + Must be a DNS_LABEL and unique within the pod. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string nfs: description: 'nfs represents an NFS mount on the - host that shares a pod''s lifetime More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' + host that shares a pod''s lifetime + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: description: 'readOnly here will force the NFS export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + + Defaults to false. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + of the NFS server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path @@ -5553,17 +7500,24 @@ objects: type: object persistentVolumeClaim: description: 'persistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + represents a reference to a + + PersistentVolumeClaim in the same namespace. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + volume. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. + description: 'readOnly Will force the ReadOnly + setting in VolumeMounts. + + Default false.' type: boolean required: - claimName @@ -5574,11 +7528,14 @@ objects: host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string pdID: description: pdID is the ID that identifies @@ -5592,16 +7549,20 @@ objects: volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs". Implicitly inferred to be "ext4" if - unspecified. + description: 'fSType represents the filesystem + type to mount + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs". Implicitly inferred to + be "ext4" if unspecified.' type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean volumeID: description: volumeID uniquely identifies a @@ -5615,51 +7576,83 @@ objects: secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. + description: 'defaultMode are the mode bits + used to set permissions on created files by + default. + Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. Directories - within the path are not affected by this setting. + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set. + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer sources: - description: sources is the list of volume projections + description: 'sources is the list of volume + projections. Each entry in this list + + handles one source.' items: - description: Projection that may be projected - along with other supported volume types + description: 'Projection that may be projected + along with other supported volume types. + + Exactly one of these fields must be set.' properties: clusterTrustBundle: - description: "ClusterTrustBundle allows\ - \ a pod to access the `.spec.trustBundle`\ - \ field of ClusterTrustBundle objects\ - \ in an auto-updating file. \n Alpha,\ - \ gated by the ClusterTrustBundleProjection\ - \ feature gate. \n ClusterTrustBundle\ - \ objects can either be selected by\ - \ name, or by the combination of signer\ - \ name and a label selector. \n Kubelet\ - \ performs aggressive normalization\ - \ of the PEM contents written into the\ - \ pod filesystem. Esoteric PEM features\ - \ such as inter-block comments and block\ - \ headers are stripped. Certificates\ - \ are deduplicated. The ordering of\ - \ certificates within the file is arbitrary,\ - \ and Kubelet may change the order over\ - \ time." + description: 'ClusterTrustBundle allows + a pod to access the `.spec.trustBundle` + field + + of ClusterTrustBundle objects in an + auto-updating file. + + + Alpha, gated by the ClusterTrustBundleProjection + feature gate. + + + ClusterTrustBundle objects can either + be selected by name, or by the + + combination of signer name and a label + selector. + + + Kubelet performs aggressive normalization + of the PEM contents written + + into the pod filesystem. Esoteric PEM + features such as inter-block + + comments and block headers are stripped. Certificates + are deduplicated. + + The ordering of certificates within + the file is arbitrary, and Kubelet + + may change the order over time.' properties: labelSelector: - description: Select all ClusterTrustBundles + description: 'Select all ClusterTrustBundles that match this label selector. Only - has effect if signerName is set. Mutually-exclusive - with name. If unset, interpreted - as "match nothing". If set but - empty, interpreted as "match everything". + has + + effect if signerName is set. Mutually-exclusive + with name. If unset, + + interpreted as "match nothing". If + set but empty, interpreted as "match + + everything".' properties: matchExpressions: description: matchExpressions @@ -5667,11 +7660,12 @@ objects: requirements. The requirements are ANDed. items: - description: A label selector + description: 'A label selector requirement is a selector that contains values, a key, - and an operator that relates - the key and values. + and an operator that + + relates the key and values.' properties: key: description: key is the @@ -5679,70 +7673,91 @@ objects: applies to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists and DoesNotExist. + description: 'operator represents + a key''s relationship + to a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: values is an - array of string values. + description: 'values is + an array of string values. If the operator is In - or NotIn, the values array - must be non-empty. If - the operator is Exists - or DoesNotExist, the values - array must be empty. This - array is replaced during - a strategic merge patch. + or NotIn, + + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + + the values array must + be empty. This array is + replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a + description: 'matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key - field is "key", the operator - is "In", and the values array - contains only "value". The requirements - are ANDed. + field is "key", the + + operator is "In", and the values + array contains only "value". + The requirements are ANDed.' type: object type: object + x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle + description: 'Select a single ClusterTrustBundle by object name. Mutually-exclusive - with signerName and labelSelector. + + with signerName and labelSelector.' type: string optional: - description: If true, don't block + description: 'If true, don''t block pod startup if the referenced ClusterTrustBundle(s) - aren't available. If using name, + + aren''t available. If using name, then the named ClusterTrustBundle - is allowed not to exist. If using + is + + allowed not to exist. If using signerName, then the combination - of signerName and labelSelector - is allowed to match zero ClusterTrustBundles. + of + + signerName and labelSelector is + allowed to match zero + + ClusterTrustBundles.' type: boolean path: description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles - that match this signer name. Mutually-exclusive - with name. The contents of all - selected ClusterTrustBundles will - be unified and deduplicated. + description: 'Select all ClusterTrustBundles + that match this signer name. + + Mutually-exclusive with name. The + contents of all selected + + ClusterTrustBundles will be unified + and deduplicated.' type: string required: - path @@ -5752,21 +7767,30 @@ objects: the configMap data to project properties: items: - description: items if unspecified, + description: 'items if unspecified, each key-value pair in the Data - field of the referenced ConfigMap - will be projected into the volume - as a file whose name is the key - and content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the ConfigMap, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + field of the referenced + + ConfigMap will be projected into + the volume as a file whose name + is the + + key and content is the value. If + specified, the listed keys will + be + + projected into the specified paths, + and unlisted keys will not be + + present. If a key is specified which + is not present in the ConfigMap, + + the volume setup will error unless + it is marked optional. Paths must + be + + relative and may not contain the + ''..'' path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -5778,39 +7802,62 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + on this file. + + Must be an octal value between + 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: - description: path is the relative + description: 'path is the relative path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + key to. + + May not be an absolute path. + + May not contain the path element + ''..''. + + May not start with the string + ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional specify whether @@ -5818,6 +7865,7 @@ objects: defined type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: description: downwardAPI information about the downwardAPI data to project @@ -5833,8 +7881,8 @@ objects: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace - are supported.' + labels, name, namespace and + uid are supported.' properties: apiVersion: description: Version of @@ -5850,22 +7898,31 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this file, must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + value + + between 0000 and 0777 or a + decimal value between 0 and + 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: @@ -5881,10 +7938,11 @@ objects: resourceFieldRef: description: 'Selects a resource of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' + limits and requests + + (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' properties: containerName: description: 'Container @@ -5908,31 +7966,41 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret data to project properties: items: - description: items if unspecified, + description: 'items if unspecified, each key-value pair in the Data - field of the referenced Secret will - be projected into the volume as - a file whose name is the key and - content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the Secret, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + field of the referenced + + Secret will be projected into the + volume as a file whose name is the + + key and content is the value. If + specified, the listed keys will + be + + projected into the specified paths, + and unlisted keys will not be + + present. If a key is specified which + is not present in the Secret, + + the volume setup will error unless + it is marked optional. Paths must + be + + relative and may not contain the + ''..'' path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -5944,39 +8012,62 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + on this file. + + Must be an octal value between + 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + + If not specified, the volume + defaultMode will be used. + + This might be in conflict + with other options that affect + the file + + mode, like fsGroup, and the + result can be other mode bits + set.' format: int32 type: integer path: - description: path is the relative + description: 'path is the relative path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + key to. + + May not be an absolute path. + + May not contain the path element + ''..''. + + May not start with the string + ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: + default: '' description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + + This field is effectively required, + but due to backwards compatibility + is + + allowed to be empty. Instances of + this type with an empty value here + are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: optional field specify @@ -5984,76 +8075,98 @@ objects: be defined type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended + description: 'audience is the intended audience of the token. A recipient - of a token must identify itself - with an identifier specified in - the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the - apiserver. + of a token + + must identify itself with an identifier + specified in the audience of the + + token, and otherwise should reject + the token. The audience defaults + to the + + identifier of the apiserver.' type: string expirationSeconds: - description: expirationSeconds is + description: 'expirationSeconds is the requested duration of validity - of the service account token. As - the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. - The kubelet will start trying to - rotate the token if the token is - older than 80 percent of its time - to live or if the token is older - than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. + of the service + + account token. As the token approaches + expiration, the kubelet volume + + plugin will proactively rotate the + service account token. The kubelet + will + + start trying to rotate the token + if the token is older than 80 percent + of + + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour + + and must be at least 10 minutes.' format: int64 type: integer path: - description: path is the path relative + description: 'path is the path relative to the mount point of the file to - project the token into. + project the + + token into.' type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group + description: 'group to map volume access to + + Default is no group' type: string readOnly: - description: readOnly here will force the Quobyte + description: 'readOnly here will force the Quobyte volume to be mounted with read-only permissions. - Defaults to false. + + Defaults to false.' type: boolean registry: - description: registry represents a single or - multiple Quobyte Registry services specified - as a string as host:port pair (multiple entries - are separated with commas) which acts as the - central registry for volumes + description: 'registry represents a single or + multiple Quobyte Registry services + + specified as a string as host:port pair (multiple + entries are separated with commas) + + which acts as the central registry for volumes' type: string tenant: - description: tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volumes, value is set - by the plugin + description: 'tenant owning the given Quobyte + volume in the Backend + + Used with dynamically provisioned Quobyte + volumes, value is set by the plugin' type: string user: - description: user to map volume access to Defaults - to serivceaccount user + description: 'user to map volume access to + + Defaults to serivceaccount user' type: string volume: description: volume is a string that references @@ -6066,57 +8179,93 @@ objects: rbd: description: 'rbd represents a Rados Block Device mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is supported + by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd' type: string image: description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: + default: /etc/ceph/keyring description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. + for RBDUser. + + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + monitors. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: rbd + description: 'pool is the rados pool name. + + Default is rbd. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + setting in VolumeMounts. + + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + secret for RBDUser. If provided + + overrides keyring. + + Default is nil. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: admin + description: 'user is the rados user name. + + Default is admin. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image @@ -6127,10 +8276,16 @@ objects: volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". + default: xfs + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". + + Default is "xfs".' type: string gateway: description: gateway is the host address of @@ -6142,31 +8297,45 @@ objects: storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. + description: 'secretRef references to the secret + for ScaleIO user and other + + sensitive information. If this is not provided, + Login operation will fail.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic sslEnabled: description: sslEnabled Flag enable/disable SSL communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. + default: ThinProvisioned + description: 'storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. + + Default is ThinProvisioned.' type: string storagePool: description: storagePool is the ScaleIO Storage @@ -6177,9 +8346,10 @@ objects: system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that - is associated with this volume source. + description: 'volumeName is the name of a volume + already created in the ScaleIO system + + that is associated with this volume source.' type: string required: - gateway @@ -6188,34 +8358,54 @@ objects: type: object secret: description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + populate this volume. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: description: 'defaultMode is Optional: mode bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. + by default. + + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values + + for mode bits. Defaults to 0644. + + Directories within the path are not affected + by this setting. + This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + that affect the file + + mode, like fsGroup, and the result can be + other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. + description: 'items If unspecified, each key-value + pair in the Data field of the referenced + + Secret will be projected into the volume as + a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the Secret, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -6226,38 +8416,50 @@ objects: mode: description: 'mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + options that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: 'path is the relative path + of the file to map the key to. + + May not be an absolute path. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: description: 'secretName is the name of the - secret in the pod''s namespace to use. More - info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + secret in the pod''s namespace to use. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: @@ -6265,45 +8467,69 @@ objects: attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by the + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: 'readOnly defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: secretRef specifies the secret - to use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. + description: 'secretRef specifies the secret + to use for obtaining the StorageOS API + + credentials. If not specified, default values + will be attempted.' properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string type: object + x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. + description: 'volumeName is the human-readable + name of the StorageOS volume. Volume + + names are only unique within a namespace.' type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will - be used. This allows the Kubernetes name - scoping to be mirrored within StorageOS for - tighter integration. Set VolumeName to any - name to override the default behaviour. Set - to "default" if you are not using namespaces - within StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. + description: 'volumeNamespace specifies the + scope of the volume within StorageOS. If + no + + namespace is specified then the Pod''s namespace + will be used. This allows the + + Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. + + Set VolumeName to any name to override the + default behaviour. + + Set to "default" if you are not using namespaces + within StorageOS. + + Namespaces that do not pre-exist within StorageOS + will be created.' type: string type: object vsphereVolume: @@ -6311,11 +8537,13 @@ objects: volume attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. + description: 'fsType is filesystem type to mount. + Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified.' type: string storagePolicyID: description: storagePolicyID is the storage @@ -6350,15 +8578,21 @@ objects: format: int64 type: integer successfulJobsHistoryLimit: - description: The number of successful finished jobs to retain. - Value must be non-negative integer. Defaults to 3. Only - applies to Cronjobs + description: 'The number of successful finished jobs to retain. + Value must be non-negative integer. + + Defaults to 3. + + Only applies to Cronjobs' format: int32 type: integer suspend: - description: This flag tells the controller to suspend subsequent - executions, it does not apply to already started executions. Defaults - to false. Only applies to Cronjobs + description: 'This flag tells the controller to suspend subsequent + executions, it does + + not apply to already started executions. Defaults to false. + + Only applies to Cronjobs' type: boolean required: - name @@ -6366,8 +8600,10 @@ objects: type: object type: array kafkaTopics: - description: A list of Kafka topics that will be created and made - available to all the pods listed in the ClowdApp. + description: 'A list of Kafka topics that will be created and made + available to all + + the pods listed in the ClowdApp.' items: description: KafkaTopicSpec defines the desired state of KafkaTopic properties: @@ -6402,16 +8638,18 @@ objects: type: object type: array objectStore: - description: A list of string names defining storage buckets. In - certain modes, defined by the ClowdEnvironment, Clowder will create - those buckets. + description: 'A list of string names defining storage buckets. In + certain modes, + + defined by the ClowdEnvironment, Clowder will create those buckets.' items: type: string type: array optionalDependencies: - description: A list of optional dependencies in the form of the - name of the ClowdApps that will be added to the configuration - when present. + description: 'A list of optional dependencies in the form of the + name of the ClowdApps that + + will be added to the configuration when present.' items: type: string type: array @@ -6435,38 +8673,50 @@ objects: resource operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one - status to another. This should be when the underlying condition - changed. If that is not known, then using the time when - the API field changed is acceptable. + description: 'Last time the condition transitioned from one + status to another. + + This should be when the underlying condition changed. If + that is not known, then using the time when + + the API field changed is acceptable.' format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: 'A human readable message indicating details + about the transition. + + This field may be empty.' type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not - this field is considered a guaranteed API. This field may - not be empty. + description: 'The reason for the condition''s last transition + in CamelCase. + + The specific API may choose whether or not this field is + considered a guaranteed API. + + This field may not be empty.' type: string severity: - description: Severity provides an explicit classification + description: 'Severity provides an explicit classification of Reason code, so the users or machines can immediately - understand the current situation and act accordingly. The - Severity field MUST be set only when Status=False. + + understand the current situation and act accordingly. + + The Severity field MUST be set only when Status=False.' type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. + description: 'Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict - is important. + like Available, but because arbitrary conditions + + can be useful (see .node.status.conditions), the ability + to deconflict is important.' type: string required: - lastTransitionTime @@ -6476,9 +8726,12 @@ objects: type: array deployments: description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file ClowdEnvironmentStatus defines the observed state of - ClowdEnvironment' + of cluster + + Important: Run "make" to regenerate code after modifying this + file + + ClowdEnvironmentStatus defines the observed state of ClowdEnvironment' properties: managedDeployments: format: int32 @@ -6500,18 +8753,11 @@ objects: storage: true subresources: status: {} - status: - acceptedNames: - kind: '' - plural: '' - conditions: [] - storedVersions: [] - apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdenvironments.cloud.redhat.com spec: group: cloud.redhat.com @@ -6544,14 +8790,27 @@ objects: properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint the - client submits requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + this object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -6562,8 +8821,10 @@ objects: description: Disabled turns off reconciliation for this ClowdEnv type: boolean providers: - description: A ProvidersConfig object, detailing the setup and configuration - of all the providers used in this ClowdEnvironment. + description: 'A ProvidersConfig object, detailing the setup and + configuration of all the + + providers used in this ClowdEnvironment.' properties: autoScaler: description: Defines the autoscaler configuration @@ -6581,19 +8842,25 @@ objects: Provider. properties: caBundleURL: - description: Indicates where Clowder will fetch the database - CA certificate bundle from. Currently only used in (*_app-interface_*) - mode. If none is specified, the AWS RDS combined CA bundle - is used. + description: 'Indicates where Clowder will fetch the database + CA certificate bundle from. Currently only used in + + (*_app-interface_*) mode. If none is specified, the AWS + RDS combined CA bundle is used.' pattern: ^https?:\/\/.+$ type: string mode: description: 'The mode of operation of the Clowder Database - Provider. Valid options are: (*_app-interface_*) where - the provider will pass through database credentials found - in the secret defined by the database name in the ClowdApp, - and (*_local_*) where the provider will spin up a local - instance of the database.' + Provider. Valid options are: + + (*_app-interface_*) where the provider will pass through + database credentials + + found in the secret defined by the database name in the + ClowdApp, and (*_local_*) + + where the provider will spin up a local instance of the + database.' enum: - shared - app-interface @@ -6601,9 +8868,11 @@ objects: - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to - use a PVC instead of emptyDir for its volumes. + description: 'If using the (*_local_*) mode and PVC is set + to true, this instructs the local + + Database instance to use a PVC instead of emptyDir for + its volumes.' type: boolean required: - mode @@ -6619,8 +8888,10 @@ objects: Provider. properties: credentialRef: - description: Defines the secret containing the client access - token, only used for (*_app-interface_*) mode. + description: 'Defines the secret containing the client access + token, only used for (*_app-interface_*) + + mode.' properties: name: description: Name defines the Name of a resource. @@ -6641,13 +8912,20 @@ objects: properties: unleash: type: string + unleashEdge: + type: string type: object mode: description: 'The mode of operation of the Clowder FeatureFlag - Provider. Valid options are: (*_app-interface_*) where - the provider will pass through credentials to the app - configuration, and (*_local_*) where a local Unleash instance - will be created.' + Provider. Valid options are: + + (*_app-interface_*) where the provider will pass through + credentials + + to the app configuration, and (*_local_*) where a local + Unleash instance will + + be created.' enum: - local - app-interface @@ -6658,19 +8936,30 @@ objects: format: int32 type: integer pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to - use a PVC instead of emptyDir for its volumes. + description: 'If using the (*_local_*) mode and PVC is set + to true, this instructs the local + + Database instance to use a PVC instead of emptyDir for + its volumes.' type: boolean type: object inMemoryDb: description: Defines the Configuration for the Clowder InMemoryDB Provider. properties: + image: + description: 'This image is only used in the (*_redis_*) + mode, as elsewhere it will try to + + inspect for a secret for a hostname and credentials.' + type: string mode: description: 'The mode of operation of the Clowder InMemory - Provider. Valid options are: (*_redis_*) where a local - Minio instance will be created, and (*_elasticache_*) + Provider. Valid options are: + + (*_redis_*) where a local Minio instance will be created, + and (*_elasticache_*) + which will search the namespace of the ClowdApp for a secret called ''elasticache''' enum: @@ -6680,9 +8969,11 @@ objects: - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to - use a PVC instead of emptyDir for its volumes. + description: 'If using the (*_local_*) mode and PVC is set + to true, this instructs the local + + Database instance to use a PVC instead of emptyDir for + its volumes.' type: boolean required: - mode @@ -6701,9 +8992,10 @@ objects: description: Config full options type: object deleteClaim: - description: Delete persistent volume claim if the Kafka - cluster is deleted Only applies when KafkaConfig.PVC - is set to 'true' + description: 'Delete persistent volume claim if the + Kafka cluster is deleted + + Only applies when KafkaConfig.PVC is set to ''true''' type: boolean forceTLS: description: Force TLS @@ -6721,13 +9013,16 @@ objects: description: -Xmx option to to the JVM. type: string gcLoggingEnabled: - description: Specifies whether the Garbage Collection - logging is enabled. The default is false. + description: 'Specifies whether the Garbage Collection + logging is enabled. The default is + + false.' type: boolean javaSystemProperties: - description: A map of additional system properties - which will be passed using the `-D` option to - the JVM. + description: 'A map of additional system properties + which will be passed using the `-D` + + option to the JVM.' items: properties: name: @@ -6756,6 +9051,17 @@ objects: resources: description: Resource Limits properties: + claims: + description: Claims corresponds to the JSON schema + field "claims". + items: + properties: + name: + description: Name corresponds to the JSON + schema field "name". + type: string + type: object + type: array limits: description: Limits corresponds to the JSON schema field "limits". @@ -6766,9 +9072,10 @@ objects: x-kubernetes-preserve-unknown-fields: true type: object storageSize: - description: Persistent volume storage size. If unset, - default is '1Gi' Only applies when KafkaConfig.PVC - is set to 'true' + description: 'Persistent volume storage size. If unset, + default is ''1Gi'' + + Only applies when KafkaConfig.PVC is set to ''true''' type: string version: description: Version. If unset, default is '2.5.0' @@ -6779,9 +9086,10 @@ objects: mode. type: string clusterName: - description: (Deprecated) Defines the cluster name to be - used by the Kafka Provider this will be used in some modes - to locate the Kafka instance. + description: '(Deprecated) Defines the cluster name to be + used by the Kafka Provider this will + + be used in some modes to locate the Kafka instance.' type: string connect: description: Defines options related to the Kafka Connect @@ -6809,6 +9117,17 @@ objects: resources: description: Resource Limits properties: + claims: + description: Claims corresponds to the JSON schema + field "claims". + items: + properties: + name: + description: Name corresponds to the JSON + schema field "name". + type: string + type: object + type: array limits: description: Limits corresponds to the JSON schema field "limits". @@ -6827,9 +9146,11 @@ objects: name that is used in this environment. type: string connectNamespace: - description: (Deprecated) The namespace that the Kafka Connect - cluster is expected to reside in. This is only used in - (*_app-interface_*) and (*_operator_*) modes. + description: '(Deprecated) The namespace that the Kafka + Connect cluster is expected to reside in. This is only + used + + in (*_app-interface_*) and (*_operator_*) modes.' type: string enableLegacyStrimzi: description: EnableLegacyStrimzi disables TLS + user auth @@ -6858,15 +9179,24 @@ objects: type: object mode: description: 'The mode of operation of the Clowder Kafka - Provider. Valid options are: (*_operator_*) which provisions - Strimzi resources and will configure KafkaTopic CRs and - place them in the Kafka cluster''s namespace described - in the configuration, (*_app-interface_*) which simply - passes the topic names through to the App''s cdappconfig.json - and expects app-interface to have created the relevant + Provider. Valid options are: + + (*_operator_*) which provisions Strimzi resources and + will configure + + KafkaTopic CRs and place them in the Kafka cluster''s + namespace described in the configuration, + + (*_app-interface_*) which simply passes the topic names + through to the App''s + + cdappconfig.json and expects app-interface to have created + the relevant + topics, and (*_local_*) where a small instance of Kafka - is created in the desired cluster namespace and configured - to auto-create topics.' + is created in the desired cluster namespace + + and configured to auto-create topics.' enum: - ephem-msk - managed @@ -6876,15 +9206,17 @@ objects: - none type: string namespace: - description: (Deprecated) The Namespace the cluster is expected - to reside in. This is only used in (*_app-interface_*) - and (*_operator_*) modes. + description: '(Deprecated) The Namespace the cluster is + expected to reside in. This is only used + + in (*_app-interface_*) and (*_operator_*) modes.' type: string pvc: - description: If using the (*_local_*) or (*_operator_*) + description: 'If using the (*_local_*) or (*_operator_*) mode and PVC is set to true, this sets the provisioned + Kafka instance to use a PVC instead of emptyDir for its - volumes. + volumes.' type: boolean suffix: description: (Deprecated) (Unused) @@ -6902,8 +9234,11 @@ objects: properties: mode: description: 'The mode of operation of the Clowder Logging - Provider. Valid options are: (*_app-interface_*) where - the provider will pass through cloudwatch credentials + Provider. Valid options are: + + (*_app-interface_*) where the provider will pass through + cloudwatch credentials + to the app configuration, and (*_none_*) where no logging will be configured.' enum: @@ -6919,19 +9254,21 @@ objects: Provider. properties: mode: - description: The mode of operation of the Metrics provider. - The allowed modes are (*_none_*), which disables metrics - service generation, or (*_operator_*) where services and - probes are generated. (*_app-interface_*) where services - and probes are generated for app-interface. + description: "The mode of operation of the Metrics provider.\ + \ The allowed modes are\n (*_none_*), which disables metrics\ + \ service generation, or\n(*_operator_*) where services\ + \ and probes are generated.\n(*_app-interface_*) where\ + \ services and probes are generated for app-interface." enum: - none - operator - app-interface type: string path: - description: A prefix path that pods will be instructed - to use when setting up their metrics server. + description: 'A prefix path that pods will be instructed + to use when setting up their + + metrics server.' type: string port: description: The port that metrics services inside ClowdApp @@ -6966,19 +9303,26 @@ objects: type: object mode: description: 'The mode of operation of the Clowder ObjectStore - Provider. Valid options are: (*_app-interface_*) where - the provider will pass through Amazon S3 credentials to - the app configuration, and (*_minio_*) where a local Minio - instance will be created.' + Provider. Valid options are: + + (*_app-interface_*) where the provider will pass through + Amazon S3 credentials + + to the app configuration, and (*_minio_*) where a local + Minio instance will + + be created.' enum: - minio - app-interface - none type: string pvc: - description: If using the (*_local_*) mode and PVC is set - to true, this instructs the local Database instance to - use a PVC instead of emptyDir for its volumes. + description: 'If using the (*_local_*) mode and PVC is set + to true, this instructs the local + + Database instance to use a PVC instead of emptyDir for + its volumes.' type: boolean suffix: description: Currently unused. @@ -7049,10 +9393,17 @@ objects: properties: configAccess: description: 'The mode of operation for access to outside - app configs. Valid options are: (*_none_*) -- no app config - is mounted to the pod (*_app_*) -- only the ClowdApp''s - config is mounted to the pod (*_environment_*) -- the - config for all apps in the env are mounted' + app configs. Valid + + options are: + + (*_none_*) -- no app config is mounted to the pod + + (*_app_*) -- only the ClowdApp''s config is mounted to + the pod + + (*_environment_*) -- the config for all apps in the env + are mounted' enum: - none - app @@ -7065,27 +9416,49 @@ objects: imageBase: type: string resources: - description: A pass-through of a resource requirements - in k8s ResourceRequirements format. If omitted, the - default resource requirements from the ClowdEnvironment - will be used. + description: 'A pass-through of a resource requirements + in k8s ResourceRequirements + + format. If omitted, the default resource requirements + from the + + ClowdEnvironment will be used.' properties: claims: - description: "Claims lists the names of resources,\ - \ defined in spec.resourceClaims, that are used\ - \ by this container. \n This is an alpha field\ - \ and requires enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable. It\ - \ can only be set for containers." + description: 'Claims lists the names of resources, + defined in spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for + containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the - Pod where this field is used. It makes that - resource available inside a container. + description: 'Name must match the name of + one entry in pod.spec.resourceClaims of + + the Pod where this field is used. It makes + that resource available + + inside a container.' + type: string + request: + description: 'Request is the name chosen for + a request in the referenced claim. + + If empty, everything from the claim is made + available, otherwise + + only the result of this request.' type: string required: - name @@ -7102,7 +9475,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7112,11 +9487,15 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. Requests cannot - exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + of compute resources required. + + If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, + + otherwise to an implementation-defined value. + Requests cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object ui: @@ -7140,23 +9519,43 @@ objects: set on selenium containers properties: claims: - description: "Claims lists the names of\ - \ resources, defined in spec.resourceClaims,\ - \ that are used by this container. \n\ - \ This is an alpha field and requires\ - \ enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable.\ - \ It can only be set for containers." + description: 'Claims lists the names of + resources, defined in spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling + the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be + set for containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. + description: 'Name must match the + name of one entry in pod.spec.resourceClaims + of + + the Pod where this field is used. It makes that resource available - inside a container. + + inside a container.' + type: string + request: + description: 'Request is the name + chosen for a request in the referenced + claim. + + If empty, everything from the claim + is made available, otherwise + + only the result of this request.' type: string required: - name @@ -7173,8 +9572,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + amount of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7185,10 +9585,14 @@ objects: x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined + specified, + + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object @@ -7214,7 +9618,9 @@ objects: type: object k8sAccessLevel: description: 'The mode of operation of the testing Pod. - Valid options are: ''default'', ''view'' or ''edit''' + Valid options are: + + ''default'', ''view'' or ''edit''' enum: - default - view @@ -7234,8 +9640,10 @@ objects: format: int32 type: integer apiPrefix: - description: An api prefix path that pods will be instructed - to use when setting up their web server. + description: 'An api prefix path that pods will be instructed + to use when setting up + + their web server.' type: string bopURL: description: The URL of BOP - only used in (*_none_*/*_operator_*) @@ -7308,9 +9716,11 @@ objects: is used. type: string mode: - description: The mode of operation of the Web provider. - The allowed modes are (*_none_*/*_operator_*), and (*_local_*) - which deploys keycloak and BOP. + description: 'The mode of operation of the Web provider. + The allowed modes are + + (*_none_*/*_operator_*), and (*_local_*) which deploys + keycloak and BOP.' enum: - none - operator @@ -7349,23 +9759,44 @@ objects: - objectStore type: object resourceDefaults: - description: Defines the default resource requirements in standard - k8s format in the event that they omitted from a PodSpec inside - a ClowdApp. + description: 'Defines the default resource requirements in standard + k8s format in the + + event that they omitted from a PodSpec inside a ClowdApp.' properties: claims: - description: "Claims lists the names of resources, defined in\ - \ spec.resourceClaims, that are used by this container. \n\ - \ This is an alpha field and requires enabling the DynamicResourceAllocation\ - \ feature gate. \n This field is immutable. It can only be\ - \ set for containers." + description: 'Claims lists the names of resources, defined in + spec.resourceClaims, + + that are used by this container. + + + This is an alpha field and requires enabling the + + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a container. + description: 'Name must match the name of one entry in + pod.spec.resourceClaims of + + the Pod where this field is used. It makes that resource + available + + inside a container.' + type: string + request: + description: 'Request is the name chosen for a request + in the referenced claim. + + If empty, everything from the claim is made available, + otherwise + + only the result of this request.' type: string required: - name @@ -7382,7 +9813,9 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7392,10 +9825,15 @@ objects: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + resources required. + + If Requests is omitted for a container, it defaults to Limits + if that is explicitly specified, + + otherwise to an implementation-defined value. Requests cannot + exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceConfig: @@ -7411,9 +9849,11 @@ objects: - type type: object targetNamespace: - description: TargetNamespace describes the namespace where any generated - environmental resources should end up, this is particularly important - in (*_local_*) mode. + description: 'TargetNamespace describes the namespace where any + generated environmental + + resources should end up, this is particularly important in (*_local_*) + mode.' type: string required: - providers @@ -7451,45 +9891,59 @@ objects: type: array conditions: description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file' + of cluster + + Important: Run "make" to regenerate code after modifying this + file' items: description: Condition defines an observation of a Cluster API resource operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one - status to another. This should be when the underlying condition - changed. If that is not known, then using the time when - the API field changed is acceptable. + description: 'Last time the condition transitioned from one + status to another. + + This should be when the underlying condition changed. If + that is not known, then using the time when + + the API field changed is acceptable.' format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: 'A human readable message indicating details + about the transition. + + This field may be empty.' type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not - this field is considered a guaranteed API. This field may - not be empty. + description: 'The reason for the condition''s last transition + in CamelCase. + + The specific API may choose whether or not this field is + considered a guaranteed API. + + This field may not be empty.' type: string severity: - description: Severity provides an explicit classification + description: 'Severity provides an explicit classification of Reason code, so the users or machines can immediately - understand the current situation and act accordingly. The - Severity field MUST be set only when Status=False. + + understand the current situation and act accordingly. + + The Severity field MUST be set only when Status=False.' type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. + description: 'Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict - is important. + like Available, but because arbitrary conditions + + can be useful (see .node.status.conditions), the ability + to deconflict is important.' type: string required: - lastTransitionTime @@ -7541,18 +9995,11 @@ objects: storage: true subresources: status: {} - status: - acceptedNames: - kind: '' - plural: '' - conditions: [] - storedVersions: [] - apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: clowdjobinvocations.cloud.redhat.com spec: group: cloud.redhat.com @@ -7576,14 +10023,27 @@ objects: properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint the - client submits requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + this object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -7610,8 +10070,10 @@ objects: etc) in a CJI properties: iqe: - description: Iqe is the job spec to override defaults from the - ClowdApp's definition of the job + description: 'Iqe is the job spec to override defaults from + the ClowdApp''s + + definition of the job' properties: debug: description: Changes entrypoint to invoke 'iqe container-debug' @@ -7635,16 +10097,28 @@ objects: type: string value: description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". Escaped - references will never be expanded, regardless of - whether the variable exists or not. Defaults to - "".' + expanded + + using the previously defined environment variables + in the container and + + any service environment variables. If a variable + cannot be resolved, + + the reference in the input string will be unchanged. + Double $$ are reduced + + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + + Escaped references will never be expanded, regardless + of whether the variable + + exists or not. + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's @@ -7657,10 +10131,18 @@ objects: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this type + with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the ConfigMap @@ -7669,12 +10151,14 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath @@ -7687,11 +10171,13 @@ objects: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) + only resources limits and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' properties: containerName: @@ -7712,6 +10198,7 @@ objects: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace @@ -7721,10 +10208,18 @@ objects: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: '' + description: 'Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this type + with an empty value here are + + almost certainly wrong. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string optional: description: Specify whether the Secret or @@ -7733,6 +10228,7 @@ objects: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -7747,10 +10243,12 @@ objects: IQE_IBUTSU_SOURCE env var on the IQE container type: string imageTag: - description: Image tag to use for IQE container. By default, - Clowder will set the image tag to be baseImage:name-of-iqe-plugin, - where baseImage is defined in the ClowdEnvironment. Only - the tag can be overridden here. + description: 'Image tag to use for IQE container. By default, + Clowder will set the image tag to be + + baseImage:name-of-iqe-plugin, where baseImage is defined + in the ClowdEnvironment. Only the tag can be overridden + here.' type: string logLevel: description: (DEPRECATED, using 'env' now preferred) sets @@ -7777,10 +10275,12 @@ objects: IQE_PARALLEL_WORKER_COUNT env var on the IQE container type: string plugins: - description: A comma,separated,list indicating IQE plugin(s) + description: 'A comma,separated,list indicating IQE plugin(s) to run tests for. By default, Clowder will use the plugin - name given on the ClowdApp's spec.testing.iqePlugin field. - Use this field if you wish you override the plugin list. + name given on the ClowdApp''s + + spec.testing.iqePlugin field. Use this field if you wish + you override the plugin list.' type: string requirements: description: (DEPRECATED, using 'env' now preferred) sets @@ -7835,8 +10335,10 @@ objects: ClowdJobInvocation properties: completed: - description: Completed is false and updated when all jobs have either - finished successfully or failed past their backoff and retry values + description: 'Completed is false and updated when all jobs have + either finished + + successfully or failed past their backoff and retry values' type: boolean conditions: items: @@ -7844,38 +10346,50 @@ objects: resource operational state. properties: lastTransitionTime: - description: Last time the condition transitioned from one - status to another. This should be when the underlying condition - changed. If that is not known, then using the time when - the API field changed is acceptable. + description: 'Last time the condition transitioned from one + status to another. + + This should be when the underlying condition changed. If + that is not known, then using the time when + + the API field changed is acceptable.' format: date-time type: string message: - description: A human readable message indicating details about - the transition. This field may be empty. + description: 'A human readable message indicating details + about the transition. + + This field may be empty.' type: string reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not - this field is considered a guaranteed API. This field may - not be empty. + description: 'The reason for the condition''s last transition + in CamelCase. + + The specific API may choose whether or not this field is + considered a guaranteed API. + + This field may not be empty.' type: string severity: - description: Severity provides an explicit classification + description: 'Severity provides an explicit classification of Reason code, so the users or machines can immediately - understand the current situation and act accordingly. The - Severity field MUST be set only when Status=False. + + understand the current situation and act accordingly. + + The Severity field MUST be set only when Status=False.' type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. + description: 'Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict - is important. + like Available, but because arbitrary conditions + + can be useful (see .node.status.conditions), the ability + to deconflict is important.' type: string required: - lastTransitionTime @@ -7904,12 +10418,6 @@ objects: storage: true subresources: status: {} - status: - acceptedNames: - kind: '' - plural: '' - conditions: [] - storedVersions: [] - apiVersion: v1 kind: ServiceAccount metadata: @@ -8590,7 +11098,6 @@ objects: metadata: annotations: service.beta.openshift.io/inject-cabundle: 'true' - creationTimestamp: null name: clowder-validating-webhook-configuration webhooks: - admissionReviewVersions: