diff --git a/infrastructure/helm/quantumserverless/Chart.lock b/infrastructure/helm/quantumserverless/Chart.lock index 3b868b688..524f7eab5 100644 --- a/infrastructure/helm/quantumserverless/Chart.lock +++ b/infrastructure/helm/quantumserverless/Chart.lock @@ -2,17 +2,17 @@ dependencies: - name: jupyter repository: "" version: 0.1.0 -- name: operator - repository: "" - version: 0.3.0 +- name: kuberay-operator + repository: https://ray-project.github.io/kuberay-helm + version: 0.4.0 - name: ray-cluster - repository: "" - version: 0.3.0 + repository: https://ray-project.github.io/kuberay-helm + version: 0.4.0 - name: manager repository: "" version: 0.1.0 - name: redis repository: https://charts.bitnami.com/bitnami version: 17.4.1 -digest: sha256:7f98311605fe354572f27462aba2f2606e646e80db7da003c87c29e22671d43a -generated: "2023-01-05T14:16:47.505228+01:00" +digest: sha256:505bca14d3c11880618e3acced06e9d78420bb5659b1141d089b01104b5cafb3 +generated: "2023-01-11T15:59:23.454696+01:00" diff --git a/infrastructure/helm/quantumserverless/Chart.yaml b/infrastructure/helm/quantumserverless/Chart.yaml index dfa9d7b76..8c5e0c3cd 100644 --- a/infrastructure/helm/quantumserverless/Chart.yaml +++ b/infrastructure/helm/quantumserverless/Chart.yaml @@ -11,12 +11,14 @@ dependencies: - name: jupyter condition: jupyterEnable version: 0.1.0 - - name: operator - condition: rayOperatorEnable - version: 0.3.0 + - name: kuberay-operator + condition: kuberayOperatorEnable + version: 0.4.0 + repository: https://ray-project.github.io/kuberay-helm - name: ray-cluster condition: rayClusterEnable - version: 0.3.0 + version: 0.4.0 + repository: https://ray-project.github.io/kuberay-helm - name: manager condition: managerEnable version: 0.1.0 diff --git a/infrastructure/helm/quantumserverless/README.md b/infrastructure/helm/quantumserverless/README.md index 67f6ed4da..c1ae2270c 100644 --- a/infrastructure/helm/quantumserverless/README.md +++ b/infrastructure/helm/quantumserverless/README.md @@ -17,11 +17,15 @@ Install from specific values file helm -n ray install quantum-serverless -f --create-namespace . ``` +## Helm chart versions + +The Quantum Serverless Chart has several internal and external dependencies. If you are interested to know what versions the project is using you can check them in the [Chart.lock file](./Chart.lock). + ## Helm chart values **Redis** -For our Redis dependency we are using the configuration offered by Bitnami. To simplify the configuration we offered you with a straigh-forward initial parameters setup. But if you are interested in more complex configurations you have access to all the parameters that Bitnami added in the chart specified in their [README](https://artifacthub.io/packages/helm/bitnami/redis). +For our Redis dependency we are using the configuration created by Bitnami. To simplify the configuration we offered you with a straigh-forward initial parameters setup. But if you are interested in more complex configurations you have access to all the parameters that Bitnami added in the chart specified in their [README](https://artifacthub.io/packages/helm/bitnami/redis). **Jupyter notebook** @@ -46,43 +50,10 @@ For our Redis dependency we are using the configuration offered by Bitnami. To s | manager.service.port | Port number that service will be exposed externally. | | manager.ingress.enabled | Specifies if you are going to use ingress to expose the service. | -**Ray cluster** - -| Name | Description | -|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| rayClusterEnable | Specify if helm will execute the ray-cluster configuration. | -| ray-cluster.image | Docker image configuration to deploy the manager. | -| ray-cluster.imagePullSecrets | Secrets to pull the image from a private registry. | -| ray-cluster.nameOverride | Replaces the name of the chart in the Chart.yaml. | -| ray-cluster.fullnameOverride | Completely replaces the generated name. | -| ray-cluster.head | Head pod configuration which hosts global control processes for the Ray cluster. | -| ray-cluster.head.initArgs.dashboard-host | Host to expose the Ray dashboard outside the Ray cluster. | -| ray-cluster.head.initArgs.port | Port to expose the Ray dashboard outside the Ray cluster. | -| ray-cluster.worker | Worker pods configuration which run Ray tasks and actors. | -| ray-cluster.worker.replicas | Specifies the number of worker pods of that group to keep in the cluster. It has optional **minReplicas** and **maxReplicas** fields. | -| ray-cluster.ports | Port configuration for the worker. | -| ray-cluster.resources | Computational resources configuration for the worker. | -| ray-cluster.headServiceSuffix | Suffix used by the head service. | -| ray-cluster.service.type | Options are ClusterIP, NodePort, and LoadBalancer. Exposing the head’s service outside the cluster may require using a service of type LoadBalancer or NodePort. | -| ray-cluster.service.port | Port number that the head's service will be exposed externally. | - - - -**KubeRay operator** - -| Name | Description | -|-------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| rayOperatorEnable | Specify if helm will execute the kuberay-operator configuration. | -| operator.image | Docker image configuration to deploy the KubeRay Operator. | -| operator.nameOverride | Replaces the name of the chart in the Chart.yaml. | -| operator.fullnameOverride | Completely replaces the generated name. | -| operator.rbac.true | Specifies whether you want to install the default RBAC roles and bindings. | -| operator.serviceAccount.true | Specifies whether a service account should be created. | -| operator.serviceAccount.name | The name of the service account to use. | -| operator.service.type | Options are ClusterIP, NodePort, and LoadBalancer. Exposing the operators’ service outside the cluster may require using a service of type LoadBalancer or NodePort. | -| operator.service.port | Port number that the operators' service will user. | -| operator.ingress.enabled | Specifies if you are going to use ingress to expose the service. | -| operator.livenessProbe | Liveness probe configuration. | -| operator.readinessProbe | Readiness probe configuration. | -| operator.createCustomResource | Specifies whether helm should create a custom resource. | -| operator.rbacEnable | Specifies whether rbac roles are enable. | +**Ray cluster & Kuberay operator** + +For our Ray Charts dependencies we are using the configuration created by the Ray Project. To simplify the configuration we offered you with a straigh-forward initial parameters setup. But if you are interested in more complex configurations you have access to their Helm project [in GitHub](https://github.com/ray-project/kuberay-helm) to analyze the different variables: + +- For Kuberay Operator you can read their [values.yaml](https://github.com/ray-project/kuberay-helm/blob/main/helm-chart/kuberay-operator/values.yaml). + +- For Ray Cluster they provide you with a commented initial setup in their [values.yaml](https://github.com/ray-project/kuberay-helm/blob/main/helm-chart/ray-cluster/values.yaml). diff --git a/infrastructure/helm/quantumserverless/charts/operator/.helmignore b/infrastructure/helm/quantumserverless/charts/operator/.helmignore deleted file mode 100644 index 50af03172..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/infrastructure/helm/quantumserverless/charts/operator/Chart.yaml b/infrastructure/helm/quantumserverless/charts/operator/Chart.yaml deleted file mode 100644 index 95cdabe3e..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v2 -appVersion: "1.0" -description: A Helm chart for Kubernetes -name: operator -version: 0.3.0 -icon: https://github.com/ray-project/ray/raw/master/doc/source/images/ray_header_logo.png -type: application diff --git a/infrastructure/helm/quantumserverless/charts/operator/README.md b/infrastructure/helm/quantumserverless/charts/operator/README.md deleted file mode 100644 index ce7c20f60..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/README.md +++ /dev/null @@ -1,97 +0,0 @@ -# KubeRay Operator - -Kuberay-operator: A simple Helm chart - -Run a deployment of Ray Operator. - -Deploy ray operator first, then deploy ray cluster. - -## Helm - -Make sure helm version is v3+ -```console -$ helm version -version.BuildInfo{Version:"v3.6.2", GitCommit:"ee407bdf364942bcb8e8c665f82e15aa28009b71", GitTreeState:"dirty", GoVersion:"go1.16.5"} -``` - -## Installing the Chart - -To avoid duplicate CRD definitions in this repo, we reuse CRD config in `ray-operator`: -```console -$ kubectl create -k "github.com/ray-project/kuberay/ray-operator/config/crd?ref=v0.3.0&timeout=90s" -``` -> Note that we must use `kubectl create` to install the CRDs. -> The corresponding `kubectl apply` command will not work. See [KubeRay issue #271](https://github.com/ray-project/kuberay/issues/271). - -Use the following command to install the chart: -```console -$ helm install kuberay-operator --namespace ray-system --create-namespace $(curl -s https://api.github.com/repos/ray-project/kuberay/releases/tags/v0.3.0 | grep '"browser_download_url":' | sort | grep -om1 'https.*helm-chart-kuberay-operator.*tgz') -``` - -## List the Chart - -To list the `my-release` deployment: - -```console -$ helm list -n ray-system -``` - -## Uninstalling the Chart - -To uninstall/delete the `my-release` deployment: - -```console -$ helm delete kuberay-operator -n ray-system -``` - -The command removes nearly all the Kubernetes components associated with the -chart and deletes the release. - -## Working with Argo CD - -If you are using [Argo CD](https://argoproj.github.io) to manage the operator, you will encounter the issue which complains the CRDs too long. Same with [this issue](https://github.com/prometheus-operator/prometheus-operator/issues/4439). -The recommended solution is to split the operator into two Argo apps, such as: - -* The first app just for installing the CRDs with `Replace=true` directly, snippet: - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: ray-operator-crds -spec: - project: default - source: - repoURL: https://github.com/ray-project/kuberay - targetRevision: v0.3.0 - path: helm-chart/kuberay-operator/crds - destination: - server: https://kubernetes.default.svc - syncPolicy: - syncOptions: - - Replace=true -... -``` - -* The second app that installs the Helm chart with `skipCrds=true` (new feature in Argo CD 2.3.0), snippet: - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: ray-operator -spec: - source: - repoURL: https://github.com/ray-project/kuberay - targetRevision: v0.3.0 - path: helm-chart/kuberay-operator - helm: - skipCrds: true - destination: - server: https://kubernetes.default.svc - namespace: ray-operator - syncPolicy: - syncOptions: - - CreateNamespace=true -... -``` diff --git a/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayclusters.yaml b/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayclusters.yaml deleted file mode 100644 index d2ce5baf3..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayclusters.yaml +++ /dev/null @@ -1,11156 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.0 - creationTimestamp: null - name: rayclusters.ray.io -spec: - group: ray.io - names: - kind: RayCluster - listKind: RayClusterList - plural: rayclusters - singular: raycluster - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: RayCluster is the Schema for the RayClusters API - properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation - of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this - object represents. - type: string - metadata: - type: object - spec: - description: Specification of the desired behavior of the RayCluster. - properties: - autoscalerOptions: - description: AutoscalerOptions specifies optional configuration for - the Ray autoscaler. - properties: - env: - description: Optional list of environment variables to set in - the autoscaler container. - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - t - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: Optional list of sources to populate environment - variables in the autoscaler container. - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - type: object - type: array - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the number of seconds to wait - before scaling down a worker pod which is not us - format: int32 - type: integer - image: - description: Image optionally overrides the autoscaler's container - image. - type: string - imagePullPolicy: - description: ImagePullPolicy optionally overrides the autoscaler - container's image pull policy. - type: string - resources: - description: Resources specifies optional resource request and - limit overrides for the autoscaler container. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute - resources required. - type: object - type: object - upscalingMode: - description: UpscalingMode is "Conservative", "Default", or "Aggressive. - enum: - - Default - - Aggressive - - Conservative - type: string - type: object - enableInTreeAutoscaling: - description: EnableInTreeAutoscaling indicates whether operator should - create in tree autoscaling configs - type: boolean - headGroupSpec: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "make" to regenerate code af' - properties: - enableIngress: - description: EnableIngress indicates whether operator should create - ingress object for head service or not. - type: boolean - rayStartParams: - additionalProperties: - type: string - description: 'RayStartParams are the params of the start command: - node-manager-port, object-store-memory, ...' - type: object - replicas: - description: HeadGroupSpec.Replicas is deprecated and ignored; - there can only be one head pod per Ray cluster. - format: int32 - type: integer - serviceType: - description: ServiceType is Kubernetes service type of the head - service. - type: string - template: - description: Template is the eaxct pod template used in K8s depoyments, - statefulsets, etc. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.' - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - description: 'Specification of the desired behavior of the - pod. More info: https://git.k8s.' - properties: - activeDeadlineSeconds: - description: Optional duration in seconds the pod may - be active on the node relative to StartTime before the - syst - format: int64 - type: integer - affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: - description: Describes node affinity scheduling rules - for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified ' - items: - description: An empty preferred scheduling term - matches all objects with implicit weight 0 - (i.e. it's a no-op). - properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector requirement - is a selector that contains values, - a key, and an operator that relates ' - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector requirement - is a selector that contains values, - a key, and an operator that relates ' - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching - the corresponding nodeSelectorTerm, in - the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will no - properties: - nodeSelectorTerms: - description: Required. A list of node selector - terms. The terms are ORed. - items: - description: A null or empty node selector - term matches no objects. The requirements - of them are ANDed. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector requirement - is a selector that contains values, - a key, and an operator that relates ' - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector requirement - is a selector that contains values, - a key, and an operator that relates ' - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules - (e.g. co-locate this pod in the same node, zone, - etc. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified ' - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added per-node - to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching - the corresponding podAffinityTerm, in - the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will no - items: - description: Defines a set of pods (namely those - matching the labelSelector relative to the - given namespace(s)) t - properties: - labelSelector: - description: A label query over a set of - resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. - type: string - values: - description: values is an array - of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of - {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the set - of namespaces that the term applies to. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. - type: string - values: - description: values is an array - of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of - {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the anti-affinity - expressions speci - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added per-node - to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching - the corresponding podAffinityTerm, in - the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at scheduling - time, the pod wi - items: - description: Defines a set of pods (namely those - matching the labelSelector relative to the - given namespace(s)) t - properties: - labelSelector: - description: A label query over a set of - resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. - type: string - values: - description: values is an array - of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of - {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the set - of namespaces that the term applies to. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. - type: string - values: - description: values is an array - of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of - {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether - a service account token should be automatically mount - type: boolean - containers: - description: List of containers belonging to the pod. - Containers cannot currently be added or removed. - items: - description: A single application container that you - want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. The docker - image's CMD is used if this is not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed within - a shell. - items: - type: string - type: array - env: - description: List of environment variables to set - in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to - select in the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and - requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to - select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the source - of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be a - C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, Never, - IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately before - a container is terminated due to an API request - or management e - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe fails. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified as - a DNS_LABEL. - type: string - ports: - description: List of ports to expose from the container. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose on the - pod's IP address. This must be a valid port - number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external - port to. - type: string - hostPort: - description: Number of port to expose on the - host. If specified, this must be a valid - port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be an - IANA_SVC_NAME and unique within the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, - TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this - container. Cannot be updated. More info: https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop when - running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. - type: boolean - procMount: - description: procMount denotes the type of proc - mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must - run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of - the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this - container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. - type: string - type: - description: type indicates which kind of - seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a - container should be run as a 'Host Process' - container. - type: boolean - runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the Pod - has successfully initialized. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to - which the container''s termination message will - be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will be - mapped to. - type: string - name: - description: name must match the name of a - persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container at - which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how - mounts are propagated from the host to container - and the other way a - type: string - name: - description: This must match the Name of a - Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults - to false. - type: boolean - subPath: - description: Path within the volume from which - the container's volume should be mounted. - type: string - subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - dnsConfig: - description: Specifies the DNS parameters of a pod. - properties: - nameservers: - description: A list of DNS name server IP addresses. - items: - type: string - type: array - options: - description: A list of DNS resolver options. This - will be merged with the base options generated from - DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver - options of a pod. - properties: - name: - description: Required. - type: string - value: - type: string - type: object - type: array - searches: - description: A list of DNS search domains for host-name - lookup. - items: - type: string - type: array - type: object - dnsPolicy: - description: Set DNS policy for the pod. Defaults to "ClusterFirst". - type: string - enableServiceLinks: - description: EnableServiceLinks indicates whether information - about services should be injected into pod's enviro - type: boolean - ephemeralContainers: - description: List of ephemeral containers run in this - pod. - items: - description: An EphemeralContainer is a temporary container - that you may add to an existing Pod for user-initiate - properties: - args: - description: Arguments to the entrypoint. The docker - image's CMD is used if this is not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed within - a shell. - items: - type: string - type: array - env: - description: List of environment variables to set - in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to - select in the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and - requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to - select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the source - of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be a - C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, Never, - IfNotPresent. - type: string - lifecycle: - description: Lifecycle is not allowed for ephemeral - containers. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately before - a container is terminated due to an API request - or management e - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the ephemeral container specified - as a DNS_LABEL. - type: string - ports: - description: Ports are not allowed for ephemeral - containers. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose on the - pod's IP address. This must be a valid port - number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external - port to. - type: string - hostPort: - description: Number of port to expose on the - host. If specified, this must be a valid - port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be an - IANA_SVC_NAME and unique within the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, - TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - resources: - description: Resources are not allowed for ephemeral - containers. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: 'Optional: SecurityContext defines - the security options the ephemeral container should - be run with.' - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop when - running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. - type: boolean - procMount: - description: procMount denotes the type of proc - mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must - run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of - the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this - container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. - type: string - type: - description: type indicates which kind of - seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a - container should be run as a 'Host Process' - container. - type: boolean - runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container process. - type: string - type: object - type: object - startupProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single at - type: boolean - targetContainerName: - description: If set, the name of the container from - PodSpec that this ephemeral container targets. - type: string - terminationMessagePath: - description: 'Optional: Path at which the file to - which the container''s termination message will - be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will be - mapped to. - type: string - name: - description: name must match the name of a - persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container at - which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how - mounts are propagated from the host to container - and the other way a - type: string - name: - description: This must match the Name of a - Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults - to false. - type: boolean - subPath: - description: Path within the volume from which - the container's volume should be mounted. - type: string - subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - hostAliases: - description: 'HostAliases is an optional list of hosts - and IPs that will be injected into the pod''s hosts - file if ' - items: - description: 'HostAlias holds the mapping between IP - and hostnames that will be injected as an entry in - the pod''s ' - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - ip: - description: IP address of the host file entry. - type: string - type: object - type: array - hostIPC: - description: 'Use the host''s ipc namespace. Optional: - Default to false.' - type: boolean - hostNetwork: - description: Host networking requested for this pod. Use - the host's network namespace. - type: boolean - hostPID: - description: 'Use the host''s pid namespace. Optional: - Default to false.' - type: boolean - hostname: - description: Specifies the hostname of the Pod If not - specified, the pod's hostname will be set to a system-defin - type: string - imagePullSecrets: - description: ImagePullSecrets is an optional list of references - to secrets in the same namespace to use for pulli - items: - description: 'LocalObjectReference contains enough information - to let you locate the referenced object inside the ' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - type: object - type: array - initContainers: - description: List of initialization containers belonging - to the pod. - items: - description: A single application container that you - want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. The docker - image's CMD is used if this is not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed within - a shell. - items: - type: string - type: array - env: - description: List of environment variables to set - in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to - select in the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and - requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to - select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the source - of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be a - C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, Never, - IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately before - a container is terminated due to an API request - or management e - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe fails. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified as - a DNS_LABEL. - type: string - ports: - description: List of ports to expose from the container. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose on the - pod's IP address. This must be a valid port - number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external - port to. - type: string - hostPort: - description: Number of port to expose on the - host. If specified, this must be a valid - port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be an - IANA_SVC_NAME and unique within the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, - TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this - container. Cannot be updated. More info: https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop when - running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. - type: boolean - procMount: - description: procMount denotes the type of proc - mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must - run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of - the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this - container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. - type: string - type: - description: type indicates which kind of - seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a - container should be run as a 'Host Process' - container. - type: boolean - runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the Pod - has successfully initialized. - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the working - directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to - which the container''s termination message will - be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will be - mapped to. - type: string - name: - description: name must match the name of a - persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container at - which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how - mounts are propagated from the host to container - and the other way a - type: string - name: - description: This must match the Name of a - Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults - to false. - type: boolean - subPath: - description: Path within the volume from which - the container's volume should be mounted. - type: string - subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - nodeName: - description: NodeName is a request to schedule this pod - onto a specific node. - type: string - nodeSelector: - additionalProperties: - type: string - description: NodeSelector is a selector which must be - true for the pod to fit on a node. - type: object - x-kubernetes-map-type: atomic - os: - description: Specifies the OS of the containers in the - pod. - properties: - name: - description: Name is the name of the operating system. - The currently supported values are linux and windows. - type: string - required: - - name - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Overhead represents the resource overhead - associated with running a pod for a given RuntimeClass. - type: object - preemptionPolicy: - description: PreemptionPolicy is the Policy for preempting - pods with lower priority. - type: string - priority: - description: The priority value. Various system components - use this field to find the priority of the pod. - format: int32 - type: integer - priorityClassName: - description: If specified, indicates the pod's priority. - type: string - readinessGates: - description: If specified, all readiness gates will be - evaluated for pod readiness. - items: - description: PodReadinessGate contains the reference - to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition - in the pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - restartPolicy: - description: Restart policy for all containers within - the pod. One of Always, OnFailure, Never. - type: string - runtimeClassName: - description: RuntimeClassName refers to a RuntimeClass - object in the node.k8s. - type: string - schedulerName: - description: If specified, the pod will be dispatched - by specified scheduler. - type: string - securityContext: - description: SecurityContext holds pod-level security - attributes and common container settings. - properties: - fsGroup: - description: A special supplemental group that applies - to all containers in a pod. - format: int64 - type: integer - fsGroupChangePolicy: - description: fsGroupChangePolicy defines behavior - of changing ownership and permission of the volume - before being - type: string - runAsGroup: - description: The GID to run the entrypoint of the - container process. Uses runtime default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run - as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the - container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to - all containers. - properties: - level: - description: Level is SELinux level label that - applies to the container. - type: string - role: - description: Role is a SELinux role label that - applies to the container. - type: string - type: - description: Type is a SELinux type label that - applies to the container. - type: string - user: - description: User is a SELinux user label that - applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by the containers - in this pod. - properties: - localhostProfile: - description: localhostProfile indicates a profile - defined in a file on the node should be used. - type: string - type: - description: type indicates which kind of seccomp - profile will be applied. - type: string - required: - - type - type: object - supplementalGroups: - description: 'A list of groups applied to the first - process run in each container, in addition to the - container''s ' - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced sysctls - used for the pod. - items: - description: Sysctl defines a kernel parameter to - be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA - admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows to run the - entrypoint of the container process. - type: string - type: object - type: object - serviceAccount: - description: DeprecatedServiceAccount is a depreciated - alias for ServiceAccountName. - type: string - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run this pod. - type: string - setHostnameAsFQDN: - description: If true the pod's hostname will be configured - as the pod's FQDN, rather than the leaf name (the defa - type: boolean - shareProcessNamespace: - description: Share a single process namespace between - all of the containers in a pod. - type: boolean - subdomain: - description: If specified, the fully qualified Pod hostname - will be "...svc. - type: string - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully. - format: int64 - type: integer - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached to - tolerates any taint that matches the triple name on the dataset for Flocker should - be considered as de - type: string - datasetUUID: - description: UUID of the dataset. This is unique - identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: GCEPersistentDisk represents a GCE - Disk resource that is attached to a kubelet's - host machine and th - properties: - fsType: - description: Filesystem type of the volume that - you want to mount. - type: string - partition: - description: The partition in the volume that - you want to mount. - format: int32 - type: integer - pdName: - description: Unique name of the PD resource - in GCE. Used to identify the disk in GCE. - type: string - readOnly: - description: ReadOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated.' - properties: - directory: - description: Target directory name. Must not - contain or start with '..'. If '. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified revision. - type: string - required: - - repository - type: object - glusterfs: - description: Glusterfs represents a Glusterfs mount - on the host that shares a pod's lifetime. - properties: - endpoints: - description: 'EndpointsName is the endpoint - name that details Glusterfs topology. More - info: https://examples.k8s.' - type: string - path: - description: 'Path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.' - type: string - readOnly: - description: ReadOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: HostPath represents a pre-existing - file or directory on the host machine that is - directly exposed to - properties: - path: - description: Path of the directory on the host. - type: string - type: - description: 'Type for HostPath Volume Defaults - to "" More info: https://kubernetes.' - type: string - required: - - path - type: object - iscsi: - description: ISCSI represents an ISCSI Disk resource - that is attached to a kubelet's host machine and - then expose - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery - CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session CHAP - authentication - type: boolean - fsType: - description: Filesystem type of the volume that - you want to mount. - type: string - initiatorName: - description: Custom iSCSI Initiator Name. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that uses - an iSCSI transport. Defaults to 'default' - (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. - items: - type: string - type: array - readOnly: - description: ReadOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target and - initiator authentication - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - type: object - targetPortal: - description: iSCSI Target Portal. - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.' - type: string - nfs: - description: 'NFS represents an NFS mount on the - host that shares a pod''s lifetime More info: - https://kubernetes.' - properties: - path: - description: 'Path that is exported by the NFS - server. More info: https://kubernetes.' - type: string - readOnly: - description: ReadOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. - type: boolean - server: - description: 'Server is the hostname or IP address - of the NFS server. More info: https://kubernetes.' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: PersistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the - same name - properties: - claimName: - description: ClaimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. - type: string - readOnly: - description: Will force the ReadOnly setting - in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: 'PhotonPersistentDisk represents a - PhotonController persistent disk attached and - mounted on kubelets ' - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the host - operating system. Ex. - type: string - pdID: - description: ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx - volume attached and mounted on kubelets host machine - properties: - fsType: - description: FSType represents the filesystem - type to mount Must be a filesystem type supported - by the host opera - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies a - Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources secrets, - configmaps, and downward API - properties: - defaultMode: - description: Mode bits used to set permissions - on created files by default. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may be projected - along with other supported volume types - properties: - configMap: - description: information about the configMap - data to project - properties: - items: - description: 'If unspecified, each - key-value pair in the Data field - of the referenced ConfigMap will - be projected ' - items: - description: Maps a string key to - a path within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode - bits used to set permissions - on this file.' - format: int32 - type: integer - path: - description: The relative path - of the file to map the key - to. May not be an absolute - path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - downwardAPI: - description: information about the downwardAPI - data to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file - items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field - properties: - fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version of - the schema the FieldPath - is written in terms of, - defaults to "v1". - type: string - fieldPath: - description: Path of the - field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode - bits used to set permissions - on this file, must be an octal - value between 0000 and 07' - format: int32 - type: integer - path: - description: 'Required: Path - is the relative path name - of the file to be created.' - type: string - resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container - name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the - output format of the exposed - resources, defaults to - "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the secret - data to project - properties: - items: - description: If unspecified, each - key-value pair in the Data field - of the referenced Secret will be - projected int - items: - description: Maps a string key to - a path within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode - bits used to set permissions - on this file.' - format: int32 - type: integer - path: - description: The relative path - of the file to map the key - to. May not be an absolute - path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: information about the serviceAccountToken - data to project - properties: - audience: - description: Audience is the intended - audience of the token. - type: string - expirationSeconds: - description: ExpirationSeconds is - the requested duration of validity - of the service account token. - format: int64 - type: integer - path: - description: Path is the path relative - to the mount point of the file to - project the token into. - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - description: Quobyte represents a Quobyte mount - on the host that shares a pod's lifetime - properties: - group: - description: Group to map volume access to Default - is no group - type: string - readOnly: - description: ReadOnly here will force the Quobyte - volume to be mounted with read-only permissions. - type: boolean - registry: - description: Registry represents a single or - multiple Quobyte Registry services specified - as a string as host:por - type: string - tenant: - description: Tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volu - type: string - user: - description: User to map volume access to Defaults - to serivceaccount user - type: string - volume: - description: Volume is a string that references - an already created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: RBD represents a Rados Block Device - mount on the host that shares a pod's lifetime. - properties: - fsType: - description: Filesystem type of the volume that - you want to mount. - type: string - image: - description: 'The rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: Keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. - type: string - monitors: - description: 'A collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.' - items: - type: string - type: array - pool: - description: 'The rados pool name. Default is - rbd. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - readOnly: - description: ReadOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: SecretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - type: object - user: - description: 'The rados user name. Default is - admin. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the host - operating system. Ex. - type: string - gateway: - description: The host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection - Domain for the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the secret - for ScaleIO user and other sensitive information. - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL communication - with Gateway, default false - type: boolean - storageMode: - description: Indicates whether the storage for - a volume should be ThickProvisioned or ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool associated - with the protection domain. - type: string - system: - description: The name of the storage system - as configured in ScaleIO. - type: string - volumeName: - description: The name of a volume already created - in the ScaleIO system that is associated with - this volume sourc - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that should - populate this volume. More info: https://kubernetes.' - properties: - defaultMode: - description: 'Optional: mode bits used to set - permissions on created files by default.' - format: int32 - type: integer - items: - description: If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected int - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits used - to set permissions on this file.' - format: int32 - type: integer - path: - description: The relative path of the - file to map the key to. May not be an - absolute path. - type: string - required: - - key - - path - type: object - type: array - optional: - description: Specify whether the Secret or its - keys must be defined - type: boolean - secretName: - description: 'Name of the secret in the pod''s - namespace to use. More info: https://kubernetes.' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the host - operating system. Ex. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret - to use for obtaining the StorageOS API credentials. - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - type: object - volumeName: - description: VolumeName is the human-readable - name of the StorageOS volume. - type: string - volumeNamespace: - description: VolumeNamespace specifies the scope - of the volume within StorageOS. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere - volume attached and mounted on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the host - operating system. Ex. - type: string - storagePolicyID: - description: Storage Policy Based Management - (SPBM) profile ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management - (SPBM) profile name. - type: string - volumePath: - description: Path that identifies vSphere volume - vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - containers - type: object - type: object - required: - - rayStartParams - - serviceType - - template - type: object - rayVersion: - description: RayVersion is the version of ray being used. this affects - the command used to start ray - type: string - workerGroupSpecs: - description: WorkerGroupSpecs are the specs for the worker pods - items: - description: WorkerGroupSpec are the specs for the worker pods - properties: - groupName: - description: we can have multiple worker groups, we distinguish - them by name - type: string - maxReplicas: - description: MaxReplicas defaults to maxInt32 - format: int32 - type: integer - minReplicas: - description: MinReplicas defaults to 1 - format: int32 - type: integer - rayStartParams: - additionalProperties: - type: string - description: 'RayStartParams are the params of the start command: - address, object-store-memory, ...' - type: object - replicas: - description: Replicas Number of desired pods in this pod group. - format: int32 - type: integer - scaleStrategy: - description: ScaleStrategy defines which pods to remove - properties: - workersToDelete: - description: WorkersToDelete workers to be deleted - items: - type: string - type: array - type: object - template: - description: Template is a pod template for the worker - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.' - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - description: 'Specification of the desired behavior of the - pod. More info: https://git.k8s.' - properties: - activeDeadlineSeconds: - description: Optional duration in seconds the pod may - be active on the node relative to StartTime before - the syst - format: int64 - type: integer - affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified ' - items: - description: An empty preferred scheduling - term matches all objects with implicit weight - 0 (i.e. it's a no-op). - properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector requirement - is a selector that contains values, - a key, and an operator that relates ' - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - type: string - values: - description: An array of string - values. If the operator is - In or NotIn, the values array - must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector requirement - is a selector that contains values, - a key, and an operator that relates ' - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - type: string - values: - description: An array of string - values. If the operator is - In or NotIn, the values array - must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching - the corresponding nodeSelectorTerm, - in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will no - properties: - nodeSelectorTerms: - description: Required. A list of node selector - terms. The terms are ORed. - items: - description: A null or empty node selector - term matches no objects. The requirements - of them are ANDed. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector requirement - is a selector that contains values, - a key, and an operator that relates ' - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - type: string - values: - description: An array of string - values. If the operator is - In or NotIn, the values array - must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector requirement - is a selector that contains values, - a key, and an operator that relates ' - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - type: string - values: - description: An array of string - values. If the operator is - In or NotIn, the values array - must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules - (e.g. co-locate this pod in the same node, zone, - etc. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified ' - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added - per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term - applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching - the corresponding podAffinityTerm, in - the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will no - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. - type: string - values: - description: values is an array - of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the set - of namespaces that the term applies - to. - properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. - type: string - values: - description: values is an array - of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the anti-affinity - expressions speci - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added - per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term - applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching - the corresponding podAffinityTerm, in - the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at scheduling - time, the pod wi - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. - type: string - values: - description: values is an array - of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the set - of namespaces that the term applies - to. - properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. - type: string - values: - description: values is an array - of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates - whether a service account token should be automatically - mount - type: boolean - containers: - description: List of containers belonging to the pod. - Containers cannot currently be added or removed. - items: - description: A single application container that you - want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed within - a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if value - is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to - select in the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env - vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the source - of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be - a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe fails. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified as - a DNS_LABEL. - type: string - ports: - description: List of ports to expose from the - container. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose on - the pod's IP address. This must be a valid - port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external - port to. - type: string - hostPort: - description: Number of port to expose on - the host. If specified, this must be a - valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this - container. Cannot be updated. More info: https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. - type: boolean - procMount: - description: procMount denotes the type of - proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has a - read-only root filesystem. Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by - this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is - the name of the GMSA credential spec - to use. - type: string - hostProcess: - description: HostProcess determines if - a container should be run as a 'Host - Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the Pod - has successfully initialized. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name of - a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container at - which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name of - a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should be - mounted. - type: string - subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - dnsConfig: - description: Specifies the DNS parameters of a pod. - properties: - nameservers: - description: A list of DNS name server IP addresses. - items: - type: string - type: array - options: - description: A list of DNS resolver options. This - will be merged with the base options generated - from DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver - options of a pod. - properties: - name: - description: Required. - type: string - value: - type: string - type: object - type: array - searches: - description: A list of DNS search domains for host-name - lookup. - items: - type: string - type: array - type: object - dnsPolicy: - description: Set DNS policy for the pod. Defaults to - "ClusterFirst". - type: string - enableServiceLinks: - description: EnableServiceLinks indicates whether information - about services should be injected into pod's enviro - type: boolean - ephemeralContainers: - description: List of ephemeral containers run in this - pod. - items: - description: An EphemeralContainer is a temporary - container that you may add to an existing Pod for - user-initiate - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed within - a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if value - is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to - select in the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env - vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the source - of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be - a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Lifecycle is not allowed for ephemeral - containers. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the ephemeral container specified - as a DNS_LABEL. - type: string - ports: - description: Ports are not allowed for ephemeral - containers. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose on - the pod's IP address. This must be a valid - port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external - port to. - type: string - hostPort: - description: Number of port to expose on - the host. If specified, this must be a - valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: Resources are not allowed for ephemeral - containers. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: 'Optional: SecurityContext defines - the security options the ephemeral container - should be run with.' - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. - type: boolean - procMount: - description: procMount denotes the type of - proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has a - read-only root filesystem. Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by - this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is - the name of the GMSA credential spec - to use. - type: string - hostProcess: - description: HostProcess determines if - a container should be run as a 'Host - Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single at - type: boolean - targetContainerName: - description: If set, the name of the container - from PodSpec that this ephemeral container targets. - type: string - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name of - a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container at - which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name of - a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should be - mounted. - type: string - subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - hostAliases: - description: 'HostAliases is an optional list of hosts - and IPs that will be injected into the pod''s hosts - file if ' - items: - description: 'HostAlias holds the mapping between - IP and hostnames that will be injected as an entry - in the pod''s ' - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - ip: - description: IP address of the host file entry. - type: string - type: object - type: array - hostIPC: - description: 'Use the host''s ipc namespace. Optional: - Default to false.' - type: boolean - hostNetwork: - description: Host networking requested for this pod. - Use the host's network namespace. - type: boolean - hostPID: - description: 'Use the host''s pid namespace. Optional: - Default to false.' - type: boolean - hostname: - description: Specifies the hostname of the Pod If not - specified, the pod's hostname will be set to a system-defin - type: string - imagePullSecrets: - description: ImagePullSecrets is an optional list of - references to secrets in the same namespace to use - for pulli - items: - description: 'LocalObjectReference contains enough - information to let you locate the referenced object - inside the ' - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - type: object - type: array - initContainers: - description: List of initialization containers belonging - to the pod. - items: - description: A single application container that you - want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed within - a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if value - is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to - select in the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env - vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the source - of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be - a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe fails. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified as - a DNS_LABEL. - type: string - ports: - description: List of ports to expose from the - container. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose on - the pod's IP address. This must be a valid - port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external - port to. - type: string - hostPort: - description: Number of port to expose on - the host. If specified, this must be a - valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this - container. Cannot be updated. More info: https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. - type: boolean - procMount: - description: procMount denotes the type of - proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has a - read-only root filesystem. Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by - this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is - the name of the GMSA credential spec - to use. - type: string - hostProcess: - description: HostProcess determines if - a container should be run as a 'Host - Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the Pod - has successfully initialized. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command line - to execute inside the container, the - working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed after - having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of the - service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a - custom header to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the container - has started before liveness probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully upon - probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name of - a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container at - which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name of - a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should be - mounted. - type: string - subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - nodeName: - description: NodeName is a request to schedule this - pod onto a specific node. - type: string - nodeSelector: - additionalProperties: - type: string - description: NodeSelector is a selector which must be - true for the pod to fit on a node. - type: object - x-kubernetes-map-type: atomic - os: - description: Specifies the OS of the containers in the - pod. - properties: - name: - description: Name is the name of the operating system. - The currently supported values are linux and windows. - type: string - required: - - name - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Overhead represents the resource overhead - associated with running a pod for a given RuntimeClass. - type: object - preemptionPolicy: - description: PreemptionPolicy is the Policy for preempting - pods with lower priority. - type: string - priority: - description: The priority value. Various system components - use this field to find the priority of the pod. - format: int32 - type: integer - priorityClassName: - description: If specified, indicates the pod's priority. - type: string - readinessGates: - description: If specified, all readiness gates will - be evaluated for pod readiness. - items: - description: PodReadinessGate contains the reference - to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition - in the pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - restartPolicy: - description: Restart policy for all containers within - the pod. One of Always, OnFailure, Never. - type: string - runtimeClassName: - description: RuntimeClassName refers to a RuntimeClass - object in the node.k8s. - type: string - schedulerName: - description: If specified, the pod will be dispatched - by specified scheduler. - type: string - securityContext: - description: SecurityContext holds pod-level security - attributes and common container settings. - properties: - fsGroup: - description: A special supplemental group that applies - to all containers in a pod. - format: int64 - type: integer - fsGroupChangePolicy: - description: fsGroupChangePolicy defines behavior - of changing ownership and permission of the volume - before being - type: string - runAsGroup: - description: The GID to run the entrypoint of the - container process. Uses runtime default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run - as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the - container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to - all containers. - properties: - level: - description: Level is SELinux level label that - applies to the container. - type: string - role: - description: Role is a SELinux role label that - applies to the container. - type: string - type: - description: Type is a SELinux type label that - applies to the container. - type: string - user: - description: User is a SELinux user label that - applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by the containers - in this pod. - properties: - localhostProfile: - description: localhostProfile indicates a profile - defined in a file on the node should be used. - type: string - type: - description: type indicates which kind of seccomp - profile will be applied. - type: string - required: - - type - type: object - supplementalGroups: - description: 'A list of groups applied to the first - process run in each container, in addition to - the container''s ' - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced sysctls - used for the pod. - items: - description: Sysctl defines a kernel parameter - to be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the - GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows to run - the entrypoint of the container process. - type: string - type: object - type: object - serviceAccount: - description: DeprecatedServiceAccount is a depreciated - alias for ServiceAccountName. - type: string - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run this pod. - type: string - setHostnameAsFQDN: - description: If true the pod's hostname will be configured - as the pod's FQDN, rather than the leaf name (the - defa - type: boolean - shareProcessNamespace: - description: Share a single process namespace between - all of the containers in a pod. - type: boolean - subdomain: - description: If specified, the fully qualified Pod hostname - will be "...svc. - type: string - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully. - format: int64 - type: integer - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached to - tolerates any taint that matches the triple name on the dataset for Flocker - should be considered as de - type: string - datasetUUID: - description: UUID of the dataset. This is - unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: GCEPersistentDisk represents a GCE - Disk resource that is attached to a kubelet's - host machine and th - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - partition: - description: The partition in the volume that - you want to mount. - format: int32 - type: integer - pdName: - description: Unique name of the PD resource - in GCE. Used to identify the disk in GCE. - type: string - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated.' - properties: - directory: - description: Target directory name. Must not - contain or start with '..'. If '. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: Glusterfs represents a Glusterfs - mount on the host that shares a pod's lifetime. - properties: - endpoints: - description: 'EndpointsName is the endpoint - name that details Glusterfs topology. More - info: https://examples.k8s.' - type: string - path: - description: 'Path is the Glusterfs volume - path. More info: https://examples.k8s.io/volumes/glusterfs/README.' - type: string - readOnly: - description: ReadOnly here will force the - Glusterfs volume to be mounted with read-only - permissions. - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: HostPath represents a pre-existing - file or directory on the host machine that is - directly exposed to - properties: - path: - description: Path of the directory on the - host. - type: string - type: - description: 'Type for HostPath Volume Defaults - to "" More info: https://kubernetes.' - type: string - required: - - path - type: object - iscsi: - description: ISCSI represents an ISCSI Disk resource - that is attached to a kubelet's host machine - and then expose - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery - CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session - CHAP authentication - type: boolean - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - initiatorName: - description: Custom iSCSI Initiator Name. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that uses - an iSCSI transport. Defaults to 'default' - (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. - items: - type: string - type: array - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - type: object - targetPortal: - description: iSCSI Target Portal. - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.' - type: string - nfs: - description: 'NFS represents an NFS mount on the - host that shares a pod''s lifetime More info: - https://kubernetes.' - properties: - path: - description: 'Path that is exported by the - NFS server. More info: https://kubernetes.' - type: string - readOnly: - description: ReadOnly here will force the - NFS export to be mounted with read-only - permissions. Defaults to false. - type: boolean - server: - description: 'Server is the hostname or IP - address of the NFS server. More info: https://kubernetes.' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: PersistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same name - properties: - claimName: - description: ClaimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. - type: string - readOnly: - description: Will force the ReadOnly setting - in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: 'PhotonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets ' - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the host - operating system. Ex. - type: string - pdID: - description: ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: FSType represents the filesystem - type to mount Must be a filesystem type - supported by the host opera - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources secrets, - configmaps, and downward API - properties: - defaultMode: - description: Mode bits used to set permissions - on created files by default. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may be projected - along with other supported volume types - properties: - configMap: - description: information about the configMap - data to project - properties: - items: - description: 'If unspecified, each - key-value pair in the Data field - of the referenced ConfigMap will - be projected ' - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode - bits used to set permissions - on this file.' - format: int32 - type: integer - path: - description: The relative - path of the file to map - the key to. May not be an - absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its keys must be - defined - type: boolean - type: object - downwardAPI: - description: information about the downwardAPI - data to project - properties: - items: - description: Items is a list of - DownwardAPIVolume file - items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod - field - properties: - fieldRef: - description: 'Required: Selects - a field of the pod: only - annotations, labels, name - and namespace are supported.' - properties: - apiVersion: - description: Version of - the schema the FieldPath - is written in terms - of, defaults to "v1". - type: string - fieldPath: - description: Path of the - field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode - bits used to set permissions - on this file, must be an - octal value between 0000 - and 07' - format: int32 - type: integer - path: - description: 'Required: Path - is the relative path name - of the file to be created.' - type: string - resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container - name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies - the output format of - the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the secret - data to project - properties: - items: - description: If unspecified, each - key-value pair in the Data field - of the referenced Secret will - be projected int - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode - bits used to set permissions - on this file.' - format: int32 - type: integer - path: - description: The relative - path of the file to map - the key to. May not be an - absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: information about the serviceAccountToken - data to project - properties: - audience: - description: Audience is the intended - audience of the token. - type: string - expirationSeconds: - description: ExpirationSeconds is - the requested duration of validity - of the service account token. - format: int64 - type: integer - path: - description: Path is the path relative - to the mount point of the file - to project the token into. - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - description: Quobyte represents a Quobyte mount - on the host that shares a pod's lifetime - properties: - group: - description: Group to map volume access to - Default is no group - type: string - readOnly: - description: ReadOnly here will force the - Quobyte volume to be mounted with read-only - permissions. - type: boolean - registry: - description: Registry represents a single - or multiple Quobyte Registry services specified - as a string as host:por - type: string - tenant: - description: Tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volu - type: string - user: - description: User to map volume access to - Defaults to serivceaccount user - type: string - volume: - description: Volume is a string that references - an already created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: RBD represents a Rados Block Device - mount on the host that shares a pod's lifetime. - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - image: - description: 'The rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: Keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. - type: string - monitors: - description: 'A collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.' - items: - type: string - type: array - pool: - description: 'The rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: SecretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - type: object - user: - description: 'The rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the host - operating system. Ex. - type: string - gateway: - description: The host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection - Domain for the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the secret - for ScaleIO user and other sensitive information. - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL communication - with Gateway, default false - type: boolean - storageMode: - description: Indicates whether the storage - for a volume should be ThickProvisioned - or ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool associated - with the protection domain. - type: string - system: - description: The name of the storage system - as configured in ScaleIO. - type: string - volumeName: - description: The name of a volume already - created in the ScaleIO system that is associated - with this volume sourc - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that - should populate this volume. More info: https://kubernetes.' - properties: - defaultMode: - description: 'Optional: mode bits used to - set permissions on created files by default.' - format: int32 - type: integer - items: - description: If unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected int - items: - description: Maps a string key to a path - within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits used - to set permissions on this file.' - format: int32 - type: integer - path: - description: The relative path of the - file to map the key to. May not be - an absolute path. - type: string - required: - - key - - path - type: object - type: array - optional: - description: Specify whether the Secret or - its keys must be defined - type: boolean - secretName: - description: 'Name of the secret in the pod''s - namespace to use. More info: https://kubernetes.' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS - volume attached and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the host - operating system. Ex. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret - to use for obtaining the StorageOS API credentials. - properties: - name: - description: 'Name of the referent. More - info: https://kubernetes.' - type: string - type: object - volumeName: - description: VolumeName is the human-readable - name of the StorageOS volume. - type: string - volumeNamespace: - description: VolumeNamespace specifies the - scope of the volume within StorageOS. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the host - operating system. Ex. - type: string - storagePolicyID: - description: Storage Policy Based Management - (SPBM) profile ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management - (SPBM) profile name. - type: string - volumePath: - description: Path that identifies vSphere - volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - containers - type: object - type: object - required: - - groupName - - maxReplicas - - minReplicas - - rayStartParams - - replicas - - template - type: object - type: array - required: - - headGroupSpec - type: object - status: - description: RayClusterStatus defines the observed state of RayCluster - properties: - availableWorkerReplicas: - description: AvailableWorkerReplicas indicates how many replicas are - available in the cluster - format: int32 - type: integer - desiredWorkerReplicas: - description: DesiredWorkerReplicas indicates overall desired replicas - claimed by the user at the cluster level. - format: int32 - type: integer - endpoints: - additionalProperties: - type: string - description: Service Endpoints - type: object - lastUpdateTime: - description: LastUpdateTime indicates last update timestamp for this - cluster status. - format: date-time - nullable: true - type: string - maxWorkerReplicas: - description: MaxWorkerReplicas indicates sum of maximum replicas of - each node group. - format: int32 - type: integer - minWorkerReplicas: - description: MinWorkerReplicas indicates sum of minimum replicas of - each node group. - format: int32 - type: integer - state: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerat' - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayjobs.yaml b/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayjobs.yaml deleted file mode 100644 index 5b19903d1..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayjobs.yaml +++ /dev/null @@ -1,11720 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.0 - creationTimestamp: null - name: rayjobs.ray.io -spec: - group: ray.io - names: - kind: RayJob - listKind: RayJobList - plural: rayjobs - singular: rayjob - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: RayJob is the Schema for the rayjobs API - properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation - of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this - object represents. - type: string - metadata: - type: object - spec: - description: RayJobSpec defines the desired state of RayJob - properties: - clusterSelector: - additionalProperties: - type: string - description: clusterSelector is used to select running rayclusters - by labels - type: object - entrypoint: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "make" to regenerate code af' - type: string - jobId: - description: If jobId is not set, a new jobId will be auto-generated. - type: string - metadata: - additionalProperties: - type: string - description: Metadata is data to store along with this job. - type: object - rayClusterSpec: - description: RayClusterSpec is the cluster template to run the job - properties: - autoscalerOptions: - description: AutoscalerOptions specifies optional configuration - for the Ray autoscaler. - properties: - env: - description: Optional list of environment variables to set - in the autoscaler container. - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) are expanded - using the previously defined environment variables - in t - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: Optional list of sources to populate environment - variables in the autoscaler container. - items: - description: EnvFromSource represents the source of a set - of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend to each - key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret must be - defined - type: boolean - type: object - type: object - type: array - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the number of seconds to - wait before scaling down a worker pod which is not us - format: int32 - type: integer - image: - description: Image optionally overrides the autoscaler's container - image. - type: string - imagePullPolicy: - description: ImagePullPolicy optionally overrides the autoscaler - container's image pull policy. - type: string - resources: - description: Resources specifies optional resource request - and limit overrides for the autoscaler container. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of - compute resources required. - type: object - type: object - upscalingMode: - description: UpscalingMode is "Conservative", "Default", or - "Aggressive. - enum: - - Default - - Aggressive - - Conservative - type: string - type: object - enableInTreeAutoscaling: - description: EnableInTreeAutoscaling indicates whether operator - should create in tree autoscaling configs - type: boolean - headGroupSpec: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of - cluster Important: Run "make" to regenerate code af' - properties: - enableIngress: - description: EnableIngress indicates whether operator should - create ingress object for head service or not. - type: boolean - rayStartParams: - additionalProperties: - type: string - description: 'RayStartParams are the params of the start command: - node-manager-port, object-store-memory, ...' - type: object - replicas: - description: HeadGroupSpec.Replicas is deprecated and ignored; - there can only be one head pod per Ray cluster. - format: int32 - type: integer - serviceType: - description: ServiceType is Kubernetes service type of the - head service. - type: string - template: - description: Template is the eaxct pod template used in K8s - depoyments, statefulsets, etc. - properties: - metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.' - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - description: 'Specification of the desired behavior of - the pod. More info: https://git.k8s.' - properties: - activeDeadlineSeconds: - description: Optional duration in seconds the pod - may be active on the node relative to StartTime - before the syst - format: int64 - type: integer - affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified ' - items: - description: An empty preferred scheduling - term matches all objects with implicit - weight 0 (i.e. it's a no-op). - properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector - requirement is a selector that - contains values, a key, and - an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector - requirement is a selector that - contains values, a key, and - an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with - matching the corresponding nodeSelectorTerm, - in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at scheduling - time, the pod will no - properties: - nodeSelectorTerms: - description: Required. A list of node - selector terms. The terms are ORed. - items: - description: A null or empty node selector - term matches no objects. The requirements - of them are ANDed. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector - requirement is a selector that - contains values, a key, and - an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector - requirement is a selector that - contains values, a key, and - an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the same node, - zone, etc. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified ' - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added - per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this case - pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - type: string - values: - description: values is - an array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - type: string - values: - description: values is - an array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not co-located - (anti-affinity) with the pods - matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at scheduling - time, the pod will no - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - anti-affinity expressions speci - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added - per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this case - pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - type: string - values: - description: values is - an array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - type: string - values: - description: values is - an array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not co-located - (anti-affinity) with the pods - matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at scheduling - time, the pod wi - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates - whether a service account token should be automatically - mount - type: boolean - containers: - description: List of containers belonging to the pod. - Containers cannot currently be added or removed. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not - provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe fails. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. - type: string - ports: - description: List of ports to expose from the - container. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More info: - https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the - Pod has successfully initialized. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - dnsConfig: - description: Specifies the DNS parameters of a pod. - properties: - nameservers: - description: A list of DNS name server IP addresses. - items: - type: string - type: array - options: - description: A list of DNS resolver options. This - will be merged with the base options generated - from DNSPolicy. - items: - description: PodDNSConfigOption defines DNS - resolver options of a pod. - properties: - name: - description: Required. - type: string - value: - type: string - type: object - type: array - searches: - description: A list of DNS search domains for - host-name lookup. - items: - type: string - type: array - type: object - dnsPolicy: - description: Set DNS policy for the pod. Defaults - to "ClusterFirst". - type: string - enableServiceLinks: - description: EnableServiceLinks indicates whether - information about services should be injected into - pod's enviro - type: boolean - ephemeralContainers: - description: List of ephemeral containers run in this - pod. - items: - description: An EphemeralContainer is a temporary - container that you may add to an existing Pod - for user-initiate - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not - provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.io/docs/concepts/containers/images' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Lifecycle is not allowed for ephemeral - containers. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the ephemeral container - specified as a DNS_LABEL. - type: string - ports: - description: Ports are not allowed for ephemeral - containers. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: Resources are not allowed for ephemeral - containers. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: 'Optional: SecurityContext defines - the security options the ephemeral container - should be run with.' - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single at - type: boolean - targetContainerName: - description: If set, the name of the container - from PodSpec that this ephemeral container - targets. - type: string - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - hostAliases: - description: 'HostAliases is an optional list of hosts - and IPs that will be injected into the pod''s hosts - file if ' - items: - description: 'HostAlias holds the mapping between - IP and hostnames that will be injected as an entry - in the pod''s ' - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - ip: - description: IP address of the host file entry. - type: string - type: object - type: array - hostIPC: - description: 'Use the host''s ipc namespace. Optional: - Default to false.' - type: boolean - hostNetwork: - description: Host networking requested for this pod. - Use the host's network namespace. - type: boolean - hostPID: - description: 'Use the host''s pid namespace. Optional: - Default to false.' - type: boolean - hostname: - description: Specifies the hostname of the Pod If - not specified, the pod's hostname will be set to - a system-defin - type: string - imagePullSecrets: - description: ImagePullSecrets is an optional list - of references to secrets in the same namespace to - use for pulli - items: - description: 'LocalObjectReference contains enough - information to let you locate the referenced object - inside the ' - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - type: object - type: array - initContainers: - description: List of initialization containers belonging - to the pod. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not - provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe fails. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. - type: string - ports: - description: List of ports to expose from the - container. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More info: - https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the - Pod has successfully initialized. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - nodeName: - description: NodeName is a request to schedule this - pod onto a specific node. - type: string - nodeSelector: - additionalProperties: - type: string - description: NodeSelector is a selector which must - be true for the pod to fit on a node. - type: object - x-kubernetes-map-type: atomic - os: - description: Specifies the OS of the containers in - the pod. - properties: - name: - description: Name is the name of the operating - system. The currently supported values are linux - and windows. - type: string - required: - - name - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Overhead represents the resource overhead - associated with running a pod for a given RuntimeClass. - type: object - preemptionPolicy: - description: PreemptionPolicy is the Policy for preempting - pods with lower priority. - type: string - priority: - description: The priority value. Various system components - use this field to find the priority of the pod. - format: int32 - type: integer - priorityClassName: - description: If specified, indicates the pod's priority. - type: string - readinessGates: - description: If specified, all readiness gates will - be evaluated for pod readiness. - items: - description: PodReadinessGate contains the reference - to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition - in the pod's condition list with matching - type. - type: string - required: - - conditionType - type: object - type: array - restartPolicy: - description: Restart policy for all containers within - the pod. One of Always, OnFailure, Never. - type: string - runtimeClassName: - description: RuntimeClassName refers to a RuntimeClass - object in the node.k8s. - type: string - schedulerName: - description: If specified, the pod will be dispatched - by specified scheduler. - type: string - securityContext: - description: SecurityContext holds pod-level security - attributes and common container settings. - properties: - fsGroup: - description: A special supplemental group that - applies to all containers in a pod. - format: int64 - type: integer - fsGroupChangePolicy: - description: fsGroupChangePolicy defines behavior - of changing ownership and permission of the - volume before being - type: string - runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must - run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of - the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to all containers. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by the - containers in this pod. - properties: - localhostProfile: - description: localhostProfile indicates a - profile defined in a file on the node should - be used. - type: string - type: - description: type indicates which kind of - seccomp profile will be applied. - type: string - required: - - type - type: object - supplementalGroups: - description: 'A list of groups applied to the - first process run in each container, in addition - to the container''s ' - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced - sysctls used for the pod. - items: - description: Sysctl defines a kernel parameter - to be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the - GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows to run - the entrypoint of the container process. - type: string - type: object - type: object - serviceAccount: - description: DeprecatedServiceAccount is a depreciated - alias for ServiceAccountName. - type: string - serviceAccountName: - description: ServiceAccountName is the name of the - ServiceAccount to use to run this pod. - type: string - setHostnameAsFQDN: - description: If true the pod's hostname will be configured - as the pod's FQDN, rather than the leaf name (the - defa - type: boolean - shareProcessNamespace: - description: Share a single process namespace between - all of the containers in a pod. - type: boolean - subdomain: - description: If specified, the fully qualified Pod - hostname will be "...svc. - type: string - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully. - format: int64 - type: integer - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached - to tolerates any taint that matches the triple - name on the dataset for - Flocker should be considered as de - type: string - datasetUUID: - description: UUID of the dataset. This is - unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: GCEPersistentDisk represents a - GCE Disk resource that is attached to a kubelet's - host machine and th - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - partition: - description: The partition in the volume - that you want to mount. - format: int32 - type: integer - pdName: - description: Unique name of the PD resource - in GCE. Used to identify the disk in GCE. - type: string - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated.' - properties: - directory: - description: Target directory name. Must - not contain or start with '..'. If '. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: Glusterfs represents a Glusterfs - mount on the host that shares a pod's lifetime. - properties: - endpoints: - description: 'EndpointsName is the endpoint - name that details Glusterfs topology. - More info: https://examples.k8s.' - type: string - path: - description: 'Path is the Glusterfs volume - path. More info: https://examples.k8s.io/volumes/glusterfs/README.' - type: string - readOnly: - description: ReadOnly here will force the - Glusterfs volume to be mounted with read-only - permissions. - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: HostPath represents a pre-existing - file or directory on the host machine that - is directly exposed to - properties: - path: - description: Path of the directory on the - host. - type: string - type: - description: 'Type for HostPath Volume Defaults - to "" More info: https://kubernetes.' - type: string - required: - - path - type: object - iscsi: - description: ISCSI represents an ISCSI Disk - resource that is attached to a kubelet's host - machine and then expose - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery - CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session - CHAP authentication - type: boolean - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - initiatorName: - description: Custom iSCSI Initiator Name. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that uses - an iSCSI transport. Defaults to 'default' - (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. - items: - type: string - type: array - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - targetPortal: - description: iSCSI Target Portal. - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.' - type: string - nfs: - description: 'NFS represents an NFS mount on - the host that shares a pod''s lifetime More - info: https://kubernetes.' - properties: - path: - description: 'Path that is exported by the - NFS server. More info: https://kubernetes.' - type: string - readOnly: - description: ReadOnly here will force the - NFS export to be mounted with read-only - permissions. Defaults to false. - type: boolean - server: - description: 'Server is the hostname or - IP address of the NFS server. More info: - https://kubernetes.' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: PersistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same name - properties: - claimName: - description: ClaimName is the name of a - PersistentVolumeClaim in the same namespace - as the pod using this volume. - type: string - readOnly: - description: Will force the ReadOnly setting - in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: 'PhotonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets ' - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the - host operating system. Ex. - type: string - pdID: - description: ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: FSType represents the filesystem - type to mount Must be a filesystem type - supported by the host opera - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources - secrets, configmaps, and downward API - properties: - defaultMode: - description: Mode bits used to set permissions - on created files by default. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may be projected - along with other supported volume types - properties: - configMap: - description: information about the - configMap data to project - properties: - items: - description: 'If unspecified, - each key-value pair in the Data - field of the referenced ConfigMap - will be projected ' - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: The key to - project. - type: string - mode: - description: 'Optional: - mode bits used to set - permissions on this file.' - format: int32 - type: integer - path: - description: The relative - path of the file to map - the key to. May not be - an absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its keys must be - defined - type: boolean - type: object - downwardAPI: - description: information about the - downwardAPI data to project - properties: - items: - description: Items is a list of - DownwardAPIVolume file - items: - description: DownwardAPIVolumeFile - represents information to - create the file containing - the pod field - properties: - fieldRef: - description: 'Required: - Selects a field of the - pod: only annotations, - labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version - of the schema the - FieldPath is written - in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path of - the field to select - in the specified API - version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: - mode bits used to set - permissions on this file, - must be an octal value - between 0000 and 07' - format: int32 - type: integer - path: - description: 'Required: - Path is the relative - path name of the file - to be created.' - type: string - resourceFieldRef: - description: 'Selects a - resource of the container: - only resources limits - and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container - name: required for - volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies - the output format - of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the - secret data to project - properties: - items: - description: If unspecified, each - key-value pair in the Data field - of the referenced Secret will - be projected int - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: The key to - project. - type: string - mode: - description: 'Optional: - mode bits used to set - permissions on this file.' - format: int32 - type: integer - path: - description: The relative - path of the file to map - the key to. May not be - an absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: information about the - serviceAccountToken data to project - properties: - audience: - description: Audience is the intended - audience of the token. - type: string - expirationSeconds: - description: ExpirationSeconds - is the requested duration of - validity of the service account - token. - format: int64 - type: integer - path: - description: Path is the path - relative to the mount point - of the file to project the token - into. - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - description: Quobyte represents a Quobyte mount - on the host that shares a pod's lifetime - properties: - group: - description: Group to map volume access - to Default is no group - type: string - readOnly: - description: ReadOnly here will force the - Quobyte volume to be mounted with read-only - permissions. - type: boolean - registry: - description: Registry represents a single - or multiple Quobyte Registry services - specified as a string as host:por - type: string - tenant: - description: Tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volu - type: string - user: - description: User to map volume access to - Defaults to serivceaccount user - type: string - volume: - description: Volume is a string that references - an already created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: RBD represents a Rados Block Device - mount on the host that shares a pod's lifetime. - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - image: - description: 'The rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: Keyring is the path to key - ring for RBDUser. Default is /etc/ceph/keyring. - type: string - monitors: - description: 'A collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.' - items: - type: string - type: array - pool: - description: 'The rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: SecretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - user: - description: 'The rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the - host operating system. Ex. - type: string - gateway: - description: The host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection - Domain for the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the - secret for ScaleIO user and other sensitive - information. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL - communication with Gateway, default false - type: boolean - storageMode: - description: Indicates whether the storage - for a volume should be ThickProvisioned - or ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool associated - with the protection domain. - type: string - system: - description: The name of the storage system - as configured in ScaleIO. - type: string - volumeName: - description: The name of a volume already - created in the ScaleIO system that is - associated with this volume sourc - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that - should populate this volume. More info: https://kubernetes.' - properties: - defaultMode: - description: 'Optional: mode bits used to - set permissions on created files by default.' - format: int32 - type: integer - items: - description: If unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected int - items: - description: Maps a string key to a path - within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits - used to set permissions on this - file.' - format: int32 - type: integer - path: - description: The relative path of - the file to map the key to. May - not be an absolute path. - type: string - required: - - key - - path - type: object - type: array - optional: - description: Specify whether the Secret - or its keys must be defined - type: boolean - secretName: - description: 'Name of the secret in the - pod''s namespace to use. More info: https://kubernetes.' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the - host operating system. Ex. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret - to use for obtaining the StorageOS API - credentials. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - volumeName: - description: VolumeName is the human-readable - name of the StorageOS volume. - type: string - volumeNamespace: - description: VolumeNamespace specifies the - scope of the volume within StorageOS. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the - host operating system. Ex. - type: string - storagePolicyID: - description: Storage Policy Based Management - (SPBM) profile ID associated with the - StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management - (SPBM) profile name. - type: string - volumePath: - description: Path that identifies vSphere - volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - containers - type: object - type: object - required: - - rayStartParams - - serviceType - - template - type: object - rayVersion: - description: RayVersion is the version of ray being used. this - affects the command used to start ray - type: string - workerGroupSpecs: - description: WorkerGroupSpecs are the specs for the worker pods - items: - description: WorkerGroupSpec are the specs for the worker pods - properties: - groupName: - description: we can have multiple worker groups, we distinguish - them by name - type: string - maxReplicas: - description: MaxReplicas defaults to maxInt32 - format: int32 - type: integer - minReplicas: - description: MinReplicas defaults to 1 - format: int32 - type: integer - rayStartParams: - additionalProperties: - type: string - description: 'RayStartParams are the params of the start - command: address, object-store-memory, ...' - type: object - replicas: - description: Replicas Number of desired pods in this pod - group. - format: int32 - type: integer - scaleStrategy: - description: ScaleStrategy defines which pods to remove - properties: - workersToDelete: - description: WorkersToDelete workers to be deleted - items: - type: string - type: array - type: object - template: - description: Template is a pod template for the worker - properties: - metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.' - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - description: 'Specification of the desired behavior - of the pod. More info: https://git.k8s.' - properties: - activeDeadlineSeconds: - description: Optional duration in seconds the pod - may be active on the node relative to StartTime - before the syst - format: int64 - type: integer - affinity: - description: If specified, the pod's scheduling - constraints - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified ' - items: - description: An empty preferred scheduling - term matches all objects with implicit - weight 0 (i.e. it's a no-op). - properties: - preference: - description: A node selector term, - associated with the corresponding - weight. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector - requirement is a selector - that contains values, a key, - and an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector - requirement is a selector - that contains values, a key, - and an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with - matching the corresponding nodeSelectorTerm, - in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at - scheduling time, the pod will no - properties: - nodeSelectorTerms: - description: Required. A list of node - selector terms. The terms are ORed. - items: - description: A null or empty node - selector term matches no objects. - The requirements of them are ANDed. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector - requirement is a selector - that contains values, a key, - and an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector - requirement is a selector - that contains values, a key, - and an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the same - node, zone, etc. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified ' - items: - description: The weights of all of the - matched WeightedPodAffinityTerm fields - are added per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. - type: string - values: - description: values - is an array of string - values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. - type: string - values: - description: values - is an array of string - values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not - co-located (anti-affinity) with - the pods matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at - scheduling time, the pod will no - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term - applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - anti-affinity expressions speci - items: - description: The weights of all of the - matched WeightedPodAffinityTerm fields - are added per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. - type: string - values: - description: values - is an array of string - values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. - type: string - values: - description: values - is an array of string - values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not - co-located (anti-affinity) with - the pods matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at - scheduling time, the pod wi - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term - applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates - whether a service account token should be automatically - mount - type: boolean - containers: - description: List of containers belonging to the - pod. Containers cannot currently be added or removed. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. - The docker image's CMD is used if this is - not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables - to set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment - variable. Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously - defined environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a - ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of - the pod: supports metadata.name, - metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a - secret in the pod's namespace - properties: - key: - description: The key of the - secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select - from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap must be defined - type: boolean - type: object - prefix: - description: An optional identifier - to prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due - to an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe - fails. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. - type: string - ports: - description: List of ports to expose from - the container. - items: - description: ContainerPort represents a - network port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must - be an IANA_SVC_NAME and unique within - the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must - be UDP, TCP, or SCTP. Defaults to - "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More - info: https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation - controls whether a process can gain - more privileges than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default - is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be - applied to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which - kind of seccomp profile will be - applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is - where the GMSA admission webhook - (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as - a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the - Pod has successfully initialized. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should - allocate a buffer for stdin in the container - runtime. - type: boolean - stdinOnce: - description: Whether the container runtime - should close the stdin channel after it - has been opened by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the - file to which the container''s termination - message will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination - message should be populated. - type: string - tty: - description: Whether this container should - allocate a TTY for itself, also requires - 'stdin' to be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of - block devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path - inside of the container that the device - will be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the - pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the - container's filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the - host to container and the other way - a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume - from which the container's volume - should be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's - volume should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - dnsConfig: - description: Specifies the DNS parameters of a pod. - properties: - nameservers: - description: A list of DNS name server IP addresses. - items: - type: string - type: array - options: - description: A list of DNS resolver options. - This will be merged with the base options - generated from DNSPolicy. - items: - description: PodDNSConfigOption defines DNS - resolver options of a pod. - properties: - name: - description: Required. - type: string - value: - type: string - type: object - type: array - searches: - description: A list of DNS search domains for - host-name lookup. - items: - type: string - type: array - type: object - dnsPolicy: - description: Set DNS policy for the pod. Defaults - to "ClusterFirst". - type: string - enableServiceLinks: - description: EnableServiceLinks indicates whether - information about services should be injected - into pod's enviro - type: boolean - ephemeralContainers: - description: List of ephemeral containers run in - this pod. - items: - description: An EphemeralContainer is a temporary - container that you may add to an existing Pod - for user-initiate - properties: - args: - description: Arguments to the entrypoint. - The docker image's CMD is used if this is - not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables - to set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment - variable. Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously - defined environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a - ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of - the pod: supports metadata.name, - metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a - secret in the pod's namespace - properties: - key: - description: The key of the - secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select - from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap must be defined - type: boolean - type: object - prefix: - description: An optional identifier - to prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.io/docs/concepts/containers/images' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Lifecycle is not allowed for - ephemeral containers. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due - to an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the ephemeral container - specified as a DNS_LABEL. - type: string - ports: - description: Ports are not allowed for ephemeral - containers. - items: - description: ContainerPort represents a - network port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must - be an IANA_SVC_NAME and unique within - the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must - be UDP, TCP, or SCTP. Defaults to - "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: Resources are not allowed for - ephemeral containers. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: 'Optional: SecurityContext defines - the security options the ephemeral container - should be run with.' - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation - controls whether a process can gain - more privileges than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default - is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be - applied to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which - kind of seccomp profile will be - applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is - where the GMSA admission webhook - (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as - a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should - allocate a buffer for stdin in the container - runtime. - type: boolean - stdinOnce: - description: Whether the container runtime - should close the stdin channel after it - has been opened by a single at - type: boolean - targetContainerName: - description: If set, the name of the container - from PodSpec that this ephemeral container - targets. - type: string - terminationMessagePath: - description: 'Optional: Path at which the - file to which the container''s termination - message will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination - message should be populated. - type: string - tty: - description: Whether this container should - allocate a TTY for itself, also requires - 'stdin' to be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of - block devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path - inside of the container that the device - will be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the - pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the - container's filesystem. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the - host to container and the other way - a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume - from which the container's volume - should be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's - volume should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - hostAliases: - description: 'HostAliases is an optional list of - hosts and IPs that will be injected into the pod''s - hosts file if ' - items: - description: 'HostAlias holds the mapping between - IP and hostnames that will be injected as an - entry in the pod''s ' - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - ip: - description: IP address of the host file entry. - type: string - type: object - type: array - hostIPC: - description: 'Use the host''s ipc namespace. Optional: - Default to false.' - type: boolean - hostNetwork: - description: Host networking requested for this - pod. Use the host's network namespace. - type: boolean - hostPID: - description: 'Use the host''s pid namespace. Optional: - Default to false.' - type: boolean - hostname: - description: Specifies the hostname of the Pod If - not specified, the pod's hostname will be set - to a system-defin - type: string - imagePullSecrets: - description: ImagePullSecrets is an optional list - of references to secrets in the same namespace - to use for pulli - items: - description: 'LocalObjectReference contains enough - information to let you locate the referenced - object inside the ' - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - type: object - type: array - initContainers: - description: List of initialization containers belonging - to the pod. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. - The docker image's CMD is used if this is - not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables - to set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment - variable. Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously - defined environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a - ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of - the pod: supports metadata.name, - metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a - secret in the pod's namespace - properties: - key: - description: The key of the - secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select - from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap must be defined - type: boolean - type: object - prefix: - description: An optional identifier - to prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due - to an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe - fails. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. - type: string - ports: - description: List of ports to expose from - the container. - items: - description: ContainerPort represents a - network port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must - be an IANA_SVC_NAME and unique within - the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must - be UDP, TCP, or SCTP. Defaults to - "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More - info: https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation - controls whether a process can gain - more privileges than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default - is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be - applied to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which - kind of seccomp profile will be - applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is - where the GMSA admission webhook - (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as - a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the - Pod has successfully initialized. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should - allocate a buffer for stdin in the container - runtime. - type: boolean - stdinOnce: - description: Whether the container runtime - should close the stdin channel after it - has been opened by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the - file to which the container''s termination - message will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination - message should be populated. - type: string - tty: - description: Whether this container should - allocate a TTY for itself, also requires - 'stdin' to be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of - block devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path - inside of the container that the device - will be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the - pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the - container's filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the - host to container and the other way - a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume - from which the container's volume - should be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's - volume should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - nodeName: - description: NodeName is a request to schedule this - pod onto a specific node. - type: string - nodeSelector: - additionalProperties: - type: string - description: NodeSelector is a selector which must - be true for the pod to fit on a node. - type: object - x-kubernetes-map-type: atomic - os: - description: Specifies the OS of the containers - in the pod. - properties: - name: - description: Name is the name of the operating - system. The currently supported values are - linux and windows. - type: string - required: - - name - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Overhead represents the resource overhead - associated with running a pod for a given RuntimeClass. - type: object - preemptionPolicy: - description: PreemptionPolicy is the Policy for - preempting pods with lower priority. - type: string - priority: - description: The priority value. Various system - components use this field to find the priority - of the pod. - format: int32 - type: integer - priorityClassName: - description: If specified, indicates the pod's priority. - type: string - readinessGates: - description: If specified, all readiness gates will - be evaluated for pod readiness. - items: - description: PodReadinessGate contains the reference - to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition - in the pod's condition list with matching - type. - type: string - required: - - conditionType - type: object - type: array - restartPolicy: - description: Restart policy for all containers within - the pod. One of Always, OnFailure, Never. - type: string - runtimeClassName: - description: RuntimeClassName refers to a RuntimeClass - object in the node.k8s. - type: string - schedulerName: - description: If specified, the pod will be dispatched - by specified scheduler. - type: string - securityContext: - description: SecurityContext holds pod-level security - attributes and common container settings. - properties: - fsGroup: - description: A special supplemental group that - applies to all containers in a pod. - format: int64 - type: integer - fsGroupChangePolicy: - description: fsGroupChangePolicy defines behavior - of changing ownership and permission of the - volume before being - type: string - runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must - run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of - the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to all containers. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by the - containers in this pod. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. - type: string - type: - description: type indicates which kind of - seccomp profile will be applied. - type: string - required: - - type - type: object - supplementalGroups: - description: 'A list of groups applied to the - first process run in each container, in addition - to the container''s ' - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced - sysctls used for the pod. - items: - description: Sysctl defines a kernel parameter - to be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a - container should be run as a 'Host Process' - container. - type: boolean - runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container process. - type: string - type: object - type: object - serviceAccount: - description: DeprecatedServiceAccount is a depreciated - alias for ServiceAccountName. - type: string - serviceAccountName: - description: ServiceAccountName is the name of the - ServiceAccount to use to run this pod. - type: string - setHostnameAsFQDN: - description: If true the pod's hostname will be - configured as the pod's FQDN, rather than the - leaf name (the defa - type: boolean - shareProcessNamespace: - description: Share a single process namespace between - all of the containers in a pod. - type: boolean - subdomain: - description: If specified, the fully qualified Pod - hostname will be "...svc. - type: string - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully. - format: int64 - type: integer - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached - to tolerates any taint that matches the triple - name on the dataset for - Flocker should be considered as de - type: string - datasetUUID: - description: UUID of the dataset. This - is unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: GCEPersistentDisk represents - a GCE Disk resource that is attached to - a kubelet's host machine and th - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - partition: - description: The partition in the volume - that you want to mount. - format: int32 - type: integer - pdName: - description: Unique name of the PD resource - in GCE. Used to identify the disk in - GCE. - type: string - readOnly: - description: ReadOnly here will force - the ReadOnly setting in VolumeMounts. - Defaults to false. - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated.' - properties: - directory: - description: Target directory name. Must - not contain or start with '..'. If - '. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: Glusterfs represents a Glusterfs - mount on the host that shares a pod's lifetime. - properties: - endpoints: - description: 'EndpointsName is the endpoint - name that details Glusterfs topology. - More info: https://examples.k8s.' - type: string - path: - description: 'Path is the Glusterfs volume - path. More info: https://examples.k8s.io/volumes/glusterfs/README.' - type: string - readOnly: - description: ReadOnly here will force - the Glusterfs volume to be mounted with - read-only permissions. - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: HostPath represents a pre-existing - file or directory on the host machine that - is directly exposed to - properties: - path: - description: Path of the directory on - the host. - type: string - type: - description: 'Type for HostPath Volume - Defaults to "" More info: https://kubernetes.' - type: string - required: - - path - type: object - iscsi: - description: ISCSI represents an ISCSI Disk - resource that is attached to a kubelet's - host machine and then expose - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery - CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session - CHAP authentication - type: boolean - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - initiatorName: - description: Custom iSCSI Initiator Name. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that - uses an iSCSI transport. Defaults to - 'default' (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. - items: - type: string - type: array - readOnly: - description: ReadOnly here will force - the ReadOnly setting in VolumeMounts. - Defaults to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - targetPortal: - description: iSCSI Target Portal. - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.' - type: string - nfs: - description: 'NFS represents an NFS mount - on the host that shares a pod''s lifetime - More info: https://kubernetes.' - properties: - path: - description: 'Path that is exported by - the NFS server. More info: https://kubernetes.' - type: string - readOnly: - description: ReadOnly here will force - the NFS export to be mounted with read-only - permissions. Defaults to false. - type: boolean - server: - description: 'Server is the hostname or - IP address of the NFS server. More info: - https://kubernetes.' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: PersistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same name - properties: - claimName: - description: ClaimName is the name of - a PersistentVolumeClaim in the same - namespace as the pod using this volume. - type: string - readOnly: - description: Will force the ReadOnly setting - in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: 'PhotonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets ' - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - type: string - pdID: - description: ID that identifies Photon - Controller persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx - volume attached and mounted on kubelets - host machine - properties: - fsType: - description: FSType represents the filesystem - type to mount Must be a filesystem type - supported by the host opera - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources - secrets, configmaps, and downward API - properties: - defaultMode: - description: Mode bits used to set permissions - on created files by default. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may be - projected along with other supported - volume types - properties: - configMap: - description: information about the - configMap data to project - properties: - items: - description: 'If unspecified, - each key-value pair in the - Data field of the referenced - ConfigMap will be projected ' - items: - description: Maps a string - key to a path within a volume. - properties: - key: - description: The key to - project. - type: string - mode: - description: 'Optional: - mode bits used to set - permissions on this - file.' - format: int32 - type: integer - path: - description: The relative - path of the file to - map the key to. May - not be an absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the ConfigMap or its keys - must be defined - type: boolean - type: object - downwardAPI: - description: information about the - downwardAPI data to project - properties: - items: - description: Items is a list - of DownwardAPIVolume file - items: - description: DownwardAPIVolumeFile - represents information to - create the file containing - the pod field - properties: - fieldRef: - description: 'Required: - Selects a field of the - pod: only annotations, - labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version - of the schema the - FieldPath is written - in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path - of the field to - select in the specified - API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: - mode bits used to set - permissions on this - file, must be an octal - value between 0000 and - 07' - format: int32 - type: integer - path: - description: 'Required: - Path is the relative - path name of the file - to be created.' - type: string - resourceFieldRef: - description: 'Selects - a resource of the container: - only resources limits - and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container - name: required for - volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies - the output format - of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the - secret data to project - properties: - items: - description: If unspecified, - each key-value pair in the - Data field of the referenced - Secret will be projected int - items: - description: Maps a string - key to a path within a volume. - properties: - key: - description: The key to - project. - type: string - mode: - description: 'Optional: - mode bits used to set - permissions on this - file.' - format: int32 - type: integer - path: - description: The relative - path of the file to - map the key to. May - not be an absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the Secret or its key must - be defined - type: boolean - type: object - serviceAccountToken: - description: information about the - serviceAccountToken data to project - properties: - audience: - description: Audience is the - intended audience of the token. - type: string - expirationSeconds: - description: ExpirationSeconds - is the requested duration - of validity of the service - account token. - format: int64 - type: integer - path: - description: Path is the path - relative to the mount point - of the file to project the - token into. - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - description: Quobyte represents a Quobyte - mount on the host that shares a pod's lifetime - properties: - group: - description: Group to map volume access - to Default is no group - type: string - readOnly: - description: ReadOnly here will force - the Quobyte volume to be mounted with - read-only permissions. - type: boolean - registry: - description: Registry represents a single - or multiple Quobyte Registry services - specified as a string as host:por - type: string - tenant: - description: Tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volu - type: string - user: - description: User to map volume access - to Defaults to serivceaccount user - type: string - volume: - description: Volume is a string that references - an already created Quobyte volume by - name. - type: string - required: - - registry - - volume - type: object - rbd: - description: RBD represents a Rados Block - Device mount on the host that shares a pod's - lifetime. - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - image: - description: 'The rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: Keyring is the path to key - ring for RBDUser. Default is /etc/ceph/keyring. - type: string - monitors: - description: 'A collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.' - items: - type: string - type: array - pool: - description: 'The rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - readOnly: - description: ReadOnly here will force - the ReadOnly setting in VolumeMounts. - Defaults to false. - type: boolean - secretRef: - description: SecretRef is name of the - authentication secret for RBDUser. If - provided overrides keyring. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - user: - description: 'The rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO - persistent volume attached and mounted on - Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - type: string - gateway: - description: The host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection - Domain for the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the - secret for ScaleIO user and other sensitive - information. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL - communication with Gateway, default - false - type: boolean - storageMode: - description: Indicates whether the storage - for a volume should be ThickProvisioned - or ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool - associated with the protection domain. - type: string - system: - description: The name of the storage system - as configured in ScaleIO. - type: string - volumeName: - description: The name of a volume already - created in the ScaleIO system that is - associated with this volume sourc - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that - should populate this volume. More info: - https://kubernetes.' - properties: - defaultMode: - description: 'Optional: mode bits used - to set permissions on created files - by default.' - format: int32 - type: integer - items: - description: If unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected int - items: - description: Maps a string key to a - path within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits - used to set permissions on this - file.' - format: int32 - type: integer - path: - description: The relative path of - the file to map the key to. May - not be an absolute path. - type: string - required: - - key - - path - type: object - type: array - optional: - description: Specify whether the Secret - or its keys must be defined - type: boolean - secretName: - description: 'Name of the secret in the - pod''s namespace to use. More info: - https://kubernetes.' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret - to use for obtaining the StorageOS API - credentials. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - volumeName: - description: VolumeName is the human-readable - name of the StorageOS volume. - type: string - volumeNamespace: - description: VolumeNamespace specifies - the scope of the volume within StorageOS. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere - volume attached and mounted on kubelets - host machine - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - type: string - storagePolicyID: - description: Storage Policy Based Management - (SPBM) profile ID associated with the - StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management - (SPBM) profile name. - type: string - volumePath: - description: Path that identifies vSphere - volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - containers - type: object - type: object - required: - - groupName - - maxReplicas - - minReplicas - - rayStartParams - - replicas - - template - type: object - type: array - required: - - headGroupSpec - type: object - runtimeEnv: - description: RuntimeEnv is base64 encoded. - type: string - shutdownAfterJobFinishes: - description: ShutdownAfterJobFinishes will determine whether to delete - the ray cluster once rayJob succeed or fai - type: boolean - ttlSecondsAfterFinished: - description: TTLSecondsAfterFinished is the TTL to clean up RayCluster. - format: int32 - type: integer - required: - - entrypoint - type: object - status: - description: RayJobStatus defines the observed state of RayJob - properties: - dashboardURL: - type: string - endTime: - description: Represents time when the job was ended. - format: date-time - type: string - jobDeploymentStatus: - description: JobDeploymentStatus indicates RayJob status including - RayCluster lifecycle management and Job submis - type: string - jobId: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerat' - type: string - jobStatus: - description: JobStatus is the Ray Job Status. https://docs.ray.io/en/latest/cluster/jobs-package-ref. - type: string - message: - type: string - rayClusterName: - type: string - rayClusterStatus: - description: RayClusterStatus defines the observed state of RayCluster - properties: - availableWorkerReplicas: - description: AvailableWorkerReplicas indicates how many replicas - are available in the cluster - format: int32 - type: integer - desiredWorkerReplicas: - description: DesiredWorkerReplicas indicates overall desired replicas - claimed by the user at the cluster level. - format: int32 - type: integer - endpoints: - additionalProperties: - type: string - description: Service Endpoints - type: object - lastUpdateTime: - description: LastUpdateTime indicates last update timestamp for - this cluster status. - format: date-time - nullable: true - type: string - maxWorkerReplicas: - description: MaxWorkerReplicas indicates sum of maximum replicas - of each node group. - format: int32 - type: integer - minWorkerReplicas: - description: MinWorkerReplicas indicates sum of minimum replicas - of each node group. - format: int32 - type: integer - state: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed - state of cluster Important: Run "make" to regenerat' - type: string - type: object - startTime: - description: Represents time when the job was acknowledged by the - Ray cluster. - format: date-time - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayservices.yaml b/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayservices.yaml deleted file mode 100644 index b51c8017b..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/crds/ray.io_rayservices.yaml +++ /dev/null @@ -1,11897 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.0 - creationTimestamp: null - name: rayservices.ray.io -spec: - group: ray.io - names: - kind: RayService - listKind: RayServiceList - plural: rayservices - singular: rayservice - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: RayService is the Schema for the rayservices API - properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation - of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this - object represents. - type: string - metadata: - type: object - spec: - description: RayServiceSpec defines the desired state of RayService - properties: - deploymentUnhealthySecondThreshold: - format: int32 - type: integer - rayClusterConfig: - description: 'EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! - NOTE: json tags are required.' - properties: - autoscalerOptions: - description: AutoscalerOptions specifies optional configuration - for the Ray autoscaler. - properties: - env: - description: Optional list of environment variables to set - in the autoscaler container. - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) are expanded - using the previously defined environment variables - in t - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: Optional list of sources to populate environment - variables in the autoscaler container. - items: - description: EnvFromSource represents the source of a set - of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend to each - key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret must be - defined - type: boolean - type: object - type: object - type: array - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the number of seconds to - wait before scaling down a worker pod which is not us - format: int32 - type: integer - image: - description: Image optionally overrides the autoscaler's container - image. - type: string - imagePullPolicy: - description: ImagePullPolicy optionally overrides the autoscaler - container's image pull policy. - type: string - resources: - description: Resources specifies optional resource request - and limit overrides for the autoscaler container. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of - compute resources required. - type: object - type: object - upscalingMode: - description: UpscalingMode is "Conservative", "Default", or - "Aggressive. - enum: - - Default - - Aggressive - - Conservative - type: string - type: object - enableInTreeAutoscaling: - description: EnableInTreeAutoscaling indicates whether operator - should create in tree autoscaling configs - type: boolean - headGroupSpec: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of - cluster Important: Run "make" to regenerate code af' - properties: - enableIngress: - description: EnableIngress indicates whether operator should - create ingress object for head service or not. - type: boolean - rayStartParams: - additionalProperties: - type: string - description: 'RayStartParams are the params of the start command: - node-manager-port, object-store-memory, ...' - type: object - replicas: - description: HeadGroupSpec.Replicas is deprecated and ignored; - there can only be one head pod per Ray cluster. - format: int32 - type: integer - serviceType: - description: ServiceType is Kubernetes service type of the - head service. - type: string - template: - description: Template is the eaxct pod template used in K8s - depoyments, statefulsets, etc. - properties: - metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.' - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - description: 'Specification of the desired behavior of - the pod. More info: https://git.k8s.' - properties: - activeDeadlineSeconds: - description: Optional duration in seconds the pod - may be active on the node relative to StartTime - before the syst - format: int64 - type: integer - affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified ' - items: - description: An empty preferred scheduling - term matches all objects with implicit - weight 0 (i.e. it's a no-op). - properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector - requirement is a selector that - contains values, a key, and - an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector - requirement is a selector that - contains values, a key, and - an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with - matching the corresponding nodeSelectorTerm, - in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at scheduling - time, the pod will no - properties: - nodeSelectorTerms: - description: Required. A list of node - selector terms. The terms are ORed. - items: - description: A null or empty node selector - term matches no objects. The requirements - of them are ANDed. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector - requirement is a selector that - contains values, a key, and - an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector - requirement is a selector that - contains values, a key, and - an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents a - key's relationship to a - set of values. - type: string - values: - description: An array of string - values. If the operator - is In or NotIn, the values - array must be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the same node, - zone, etc. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified ' - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added - per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this case - pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - type: string - values: - description: values is - an array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - type: string - values: - description: values is - an array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not co-located - (anti-affinity) with the pods - matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at scheduling - time, the pod will no - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - anti-affinity expressions speci - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added - per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this case - pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - type: string - values: - description: values is - an array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - type: string - values: - description: values is - an array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not co-located - (anti-affinity) with the pods - matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at scheduling - time, the pod wi - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. - properties: - matchExpressions: - description: matchExpressions is - a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates - whether a service account token should be automatically - mount - type: boolean - containers: - description: List of containers belonging to the pod. - Containers cannot currently be added or removed. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not - provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe fails. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. - type: string - ports: - description: List of ports to expose from the - container. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More info: - https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the - Pod has successfully initialized. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - dnsConfig: - description: Specifies the DNS parameters of a pod. - properties: - nameservers: - description: A list of DNS name server IP addresses. - items: - type: string - type: array - options: - description: A list of DNS resolver options. This - will be merged with the base options generated - from DNSPolicy. - items: - description: PodDNSConfigOption defines DNS - resolver options of a pod. - properties: - name: - description: Required. - type: string - value: - type: string - type: object - type: array - searches: - description: A list of DNS search domains for - host-name lookup. - items: - type: string - type: array - type: object - dnsPolicy: - description: Set DNS policy for the pod. Defaults - to "ClusterFirst". - type: string - enableServiceLinks: - description: EnableServiceLinks indicates whether - information about services should be injected into - pod's enviro - type: boolean - ephemeralContainers: - description: List of ephemeral containers run in this - pod. - items: - description: An EphemeralContainer is a temporary - container that you may add to an existing Pod - for user-initiate - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not - provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.io/docs/concepts/containers/images' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Lifecycle is not allowed for ephemeral - containers. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the ephemeral container - specified as a DNS_LABEL. - type: string - ports: - description: Ports are not allowed for ephemeral - containers. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: Resources are not allowed for ephemeral - containers. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: 'Optional: SecurityContext defines - the security options the ephemeral container - should be run with.' - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single at - type: boolean - targetContainerName: - description: If set, the name of the container - from PodSpec that this ephemeral container - targets. - type: string - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - hostAliases: - description: 'HostAliases is an optional list of hosts - and IPs that will be injected into the pod''s hosts - file if ' - items: - description: 'HostAlias holds the mapping between - IP and hostnames that will be injected as an entry - in the pod''s ' - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - ip: - description: IP address of the host file entry. - type: string - type: object - type: array - hostIPC: - description: 'Use the host''s ipc namespace. Optional: - Default to false.' - type: boolean - hostNetwork: - description: Host networking requested for this pod. - Use the host's network namespace. - type: boolean - hostPID: - description: 'Use the host''s pid namespace. Optional: - Default to false.' - type: boolean - hostname: - description: Specifies the hostname of the Pod If - not specified, the pod's hostname will be set to - a system-defin - type: string - imagePullSecrets: - description: ImagePullSecrets is an optional list - of references to secrets in the same namespace to - use for pulli - items: - description: 'LocalObjectReference contains enough - information to let you locate the referenced object - inside the ' - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - type: object - type: array - initContainers: - description: List of initialization containers belonging - to the pod. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. The - docker image's CMD is used if this is not - provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables to - set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the - pod: supports metadata.name, metadata.namespace, - `metadata.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the ConfigMap - must be defined - type: boolean - type: object - prefix: - description: An optional identifier to - prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the Secret - must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due to - an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 - to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe fails. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. - type: string - ports: - description: List of ports to expose from the - container. - items: - description: ContainerPort represents a network - port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must be - a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must be - an IANA_SVC_NAME and unique within the - pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must be - UDP, TCP, or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More info: - https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default is - false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which kind - of seccomp profile will be applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as a - 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the - Pod has successfully initialized. - properties: - exec: - description: Exec specifies the action to - take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving - a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC HealthCheckRequest - (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect to, - defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set in - the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in HTTP - probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP - server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name to - connect to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. - type: boolean - stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been - opened by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file - to which the container''s termination message - will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination message - should be populated. - type: string - tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to - be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of block - devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path inside - of the container that the device will - be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - nodeName: - description: NodeName is a request to schedule this - pod onto a specific node. - type: string - nodeSelector: - additionalProperties: - type: string - description: NodeSelector is a selector which must - be true for the pod to fit on a node. - type: object - x-kubernetes-map-type: atomic - os: - description: Specifies the OS of the containers in - the pod. - properties: - name: - description: Name is the name of the operating - system. The currently supported values are linux - and windows. - type: string - required: - - name - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Overhead represents the resource overhead - associated with running a pod for a given RuntimeClass. - type: object - preemptionPolicy: - description: PreemptionPolicy is the Policy for preempting - pods with lower priority. - type: string - priority: - description: The priority value. Various system components - use this field to find the priority of the pod. - format: int32 - type: integer - priorityClassName: - description: If specified, indicates the pod's priority. - type: string - readinessGates: - description: If specified, all readiness gates will - be evaluated for pod readiness. - items: - description: PodReadinessGate contains the reference - to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition - in the pod's condition list with matching - type. - type: string - required: - - conditionType - type: object - type: array - restartPolicy: - description: Restart policy for all containers within - the pod. One of Always, OnFailure, Never. - type: string - runtimeClassName: - description: RuntimeClassName refers to a RuntimeClass - object in the node.k8s. - type: string - schedulerName: - description: If specified, the pod will be dispatched - by specified scheduler. - type: string - securityContext: - description: SecurityContext holds pod-level security - attributes and common container settings. - properties: - fsGroup: - description: A special supplemental group that - applies to all containers in a pod. - format: int64 - type: integer - fsGroupChangePolicy: - description: fsGroupChangePolicy defines behavior - of changing ownership and permission of the - volume before being - type: string - runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must - run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of - the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to all containers. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by the - containers in this pod. - properties: - localhostProfile: - description: localhostProfile indicates a - profile defined in a file on the node should - be used. - type: string - type: - description: type indicates which kind of - seccomp profile will be applied. - type: string - required: - - type - type: object - supplementalGroups: - description: 'A list of groups applied to the - first process run in each container, in addition - to the container''s ' - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced - sysctls used for the pod. - items: - description: Sysctl defines a kernel parameter - to be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the - GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows to run - the entrypoint of the container process. - type: string - type: object - type: object - serviceAccount: - description: DeprecatedServiceAccount is a depreciated - alias for ServiceAccountName. - type: string - serviceAccountName: - description: ServiceAccountName is the name of the - ServiceAccount to use to run this pod. - type: string - setHostnameAsFQDN: - description: If true the pod's hostname will be configured - as the pod's FQDN, rather than the leaf name (the - defa - type: boolean - shareProcessNamespace: - description: Share a single process namespace between - all of the containers in a pod. - type: boolean - subdomain: - description: If specified, the fully qualified Pod - hostname will be "...svc. - type: string - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully. - format: int64 - type: integer - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached - to tolerates any taint that matches the triple - name on the dataset for - Flocker should be considered as de - type: string - datasetUUID: - description: UUID of the dataset. This is - unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: GCEPersistentDisk represents a - GCE Disk resource that is attached to a kubelet's - host machine and th - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - partition: - description: The partition in the volume - that you want to mount. - format: int32 - type: integer - pdName: - description: Unique name of the PD resource - in GCE. Used to identify the disk in GCE. - type: string - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated.' - properties: - directory: - description: Target directory name. Must - not contain or start with '..'. If '. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: Glusterfs represents a Glusterfs - mount on the host that shares a pod's lifetime. - properties: - endpoints: - description: 'EndpointsName is the endpoint - name that details Glusterfs topology. - More info: https://examples.k8s.' - type: string - path: - description: 'Path is the Glusterfs volume - path. More info: https://examples.k8s.io/volumes/glusterfs/README.' - type: string - readOnly: - description: ReadOnly here will force the - Glusterfs volume to be mounted with read-only - permissions. - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: HostPath represents a pre-existing - file or directory on the host machine that - is directly exposed to - properties: - path: - description: Path of the directory on the - host. - type: string - type: - description: 'Type for HostPath Volume Defaults - to "" More info: https://kubernetes.' - type: string - required: - - path - type: object - iscsi: - description: ISCSI represents an ISCSI Disk - resource that is attached to a kubelet's host - machine and then expose - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery - CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session - CHAP authentication - type: boolean - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - initiatorName: - description: Custom iSCSI Initiator Name. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that uses - an iSCSI transport. Defaults to 'default' - (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. - items: - type: string - type: array - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - targetPortal: - description: iSCSI Target Portal. - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.' - type: string - nfs: - description: 'NFS represents an NFS mount on - the host that shares a pod''s lifetime More - info: https://kubernetes.' - properties: - path: - description: 'Path that is exported by the - NFS server. More info: https://kubernetes.' - type: string - readOnly: - description: ReadOnly here will force the - NFS export to be mounted with read-only - permissions. Defaults to false. - type: boolean - server: - description: 'Server is the hostname or - IP address of the NFS server. More info: - https://kubernetes.' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: PersistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same name - properties: - claimName: - description: ClaimName is the name of a - PersistentVolumeClaim in the same namespace - as the pod using this volume. - type: string - readOnly: - description: Will force the ReadOnly setting - in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: 'PhotonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets ' - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the - host operating system. Ex. - type: string - pdID: - description: ID that identifies Photon Controller - persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: FSType represents the filesystem - type to mount Must be a filesystem type - supported by the host opera - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources - secrets, configmaps, and downward API - properties: - defaultMode: - description: Mode bits used to set permissions - on created files by default. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may be projected - along with other supported volume types - properties: - configMap: - description: information about the - configMap data to project - properties: - items: - description: 'If unspecified, - each key-value pair in the Data - field of the referenced ConfigMap - will be projected ' - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: The key to - project. - type: string - mode: - description: 'Optional: - mode bits used to set - permissions on this file.' - format: int32 - type: integer - path: - description: The relative - path of the file to map - the key to. May not be - an absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap or its keys must be - defined - type: boolean - type: object - downwardAPI: - description: information about the - downwardAPI data to project - properties: - items: - description: Items is a list of - DownwardAPIVolume file - items: - description: DownwardAPIVolumeFile - represents information to - create the file containing - the pod field - properties: - fieldRef: - description: 'Required: - Selects a field of the - pod: only annotations, - labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version - of the schema the - FieldPath is written - in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path of - the field to select - in the specified API - version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: - mode bits used to set - permissions on this file, - must be an octal value - between 0000 and 07' - format: int32 - type: integer - path: - description: 'Required: - Path is the relative - path name of the file - to be created.' - type: string - resourceFieldRef: - description: 'Selects a - resource of the container: - only resources limits - and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container - name: required for - volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies - the output format - of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the - secret data to project - properties: - items: - description: If unspecified, each - key-value pair in the Data field - of the referenced Secret will - be projected int - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: The key to - project. - type: string - mode: - description: 'Optional: - mode bits used to set - permissions on this file.' - format: int32 - type: integer - path: - description: The relative - path of the file to map - the key to. May not be - an absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - type: object - serviceAccountToken: - description: information about the - serviceAccountToken data to project - properties: - audience: - description: Audience is the intended - audience of the token. - type: string - expirationSeconds: - description: ExpirationSeconds - is the requested duration of - validity of the service account - token. - format: int64 - type: integer - path: - description: Path is the path - relative to the mount point - of the file to project the token - into. - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - description: Quobyte represents a Quobyte mount - on the host that shares a pod's lifetime - properties: - group: - description: Group to map volume access - to Default is no group - type: string - readOnly: - description: ReadOnly here will force the - Quobyte volume to be mounted with read-only - permissions. - type: boolean - registry: - description: Registry represents a single - or multiple Quobyte Registry services - specified as a string as host:por - type: string - tenant: - description: Tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volu - type: string - user: - description: User to map volume access to - Defaults to serivceaccount user - type: string - volume: - description: Volume is a string that references - an already created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: RBD represents a Rados Block Device - mount on the host that shares a pod's lifetime. - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - image: - description: 'The rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: Keyring is the path to key - ring for RBDUser. Default is /etc/ceph/keyring. - type: string - monitors: - description: 'A collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.' - items: - type: string - type: array - pool: - description: 'The rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - readOnly: - description: ReadOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: SecretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - user: - description: 'The rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the - host operating system. Ex. - type: string - gateway: - description: The host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection - Domain for the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the - secret for ScaleIO user and other sensitive - information. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL - communication with Gateway, default false - type: boolean - storageMode: - description: Indicates whether the storage - for a volume should be ThickProvisioned - or ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool associated - with the protection domain. - type: string - system: - description: The name of the storage system - as configured in ScaleIO. - type: string - volumeName: - description: The name of a volume already - created in the ScaleIO system that is - associated with this volume sourc - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that - should populate this volume. More info: https://kubernetes.' - properties: - defaultMode: - description: 'Optional: mode bits used to - set permissions on created files by default.' - format: int32 - type: integer - items: - description: If unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected int - items: - description: Maps a string key to a path - within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits - used to set permissions on this - file.' - format: int32 - type: integer - path: - description: The relative path of - the file to map the key to. May - not be an absolute path. - type: string - required: - - key - - path - type: object - type: array - optional: - description: Specify whether the Secret - or its keys must be defined - type: boolean - secretName: - description: 'Name of the secret in the - pod''s namespace to use. More info: https://kubernetes.' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the - host operating system. Ex. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret - to use for obtaining the StorageOS API - credentials. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - volumeName: - description: VolumeName is the human-readable - name of the StorageOS volume. - type: string - volumeNamespace: - description: VolumeNamespace specifies the - scope of the volume within StorageOS. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: Filesystem type to mount. Must - be a filesystem type supported by the - host operating system. Ex. - type: string - storagePolicyID: - description: Storage Policy Based Management - (SPBM) profile ID associated with the - StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management - (SPBM) profile name. - type: string - volumePath: - description: Path that identifies vSphere - volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - containers - type: object - type: object - required: - - rayStartParams - - serviceType - - template - type: object - rayVersion: - description: RayVersion is the version of ray being used. this - affects the command used to start ray - type: string - workerGroupSpecs: - description: WorkerGroupSpecs are the specs for the worker pods - items: - description: WorkerGroupSpec are the specs for the worker pods - properties: - groupName: - description: we can have multiple worker groups, we distinguish - them by name - type: string - maxReplicas: - description: MaxReplicas defaults to maxInt32 - format: int32 - type: integer - minReplicas: - description: MinReplicas defaults to 1 - format: int32 - type: integer - rayStartParams: - additionalProperties: - type: string - description: 'RayStartParams are the params of the start - command: address, object-store-memory, ...' - type: object - replicas: - description: Replicas Number of desired pods in this pod - group. - format: int32 - type: integer - scaleStrategy: - description: ScaleStrategy defines which pods to remove - properties: - workersToDelete: - description: WorkersToDelete workers to be deleted - items: - type: string - type: array - type: object - template: - description: Template is a pod template for the worker - properties: - metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.' - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - description: 'Specification of the desired behavior - of the pod. More info: https://git.k8s.' - properties: - activeDeadlineSeconds: - description: Optional duration in seconds the pod - may be active on the node relative to StartTime - before the syst - format: int64 - type: integer - affinity: - description: If specified, the pod's scheduling - constraints - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified ' - items: - description: An empty preferred scheduling - term matches all objects with implicit - weight 0 (i.e. it's a no-op). - properties: - preference: - description: A node selector term, - associated with the corresponding - weight. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector - requirement is a selector - that contains values, a key, - and an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector - requirement is a selector - that contains values, a key, - and an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with - matching the corresponding nodeSelectorTerm, - in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at - scheduling time, the pod will no - properties: - nodeSelectorTerms: - description: Required. A list of node - selector terms. The terms are ORed. - items: - description: A null or empty node - selector term matches no objects. - The requirements of them are ANDed. - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - items: - description: 'A node selector - requirement is a selector - that contains values, a key, - and an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector - requirements by node's fields. - items: - description: 'A node selector - requirement is a selector - that contains values, a key, - and an operator that relates ' - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the same - node, zone, etc. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified ' - items: - description: The weights of all of the - matched WeightedPodAffinityTerm fields - are added per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. - type: string - values: - description: values - is an array of string - values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. - type: string - values: - description: values - is an array of string - values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not - co-located (anti-affinity) with - the pods matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at - scheduling time, the pod will no - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term - applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - anti-affinity expressions speci - items: - description: The weights of all of the - matched WeightedPodAffinityTerm fields - are added per-node to find the most - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. - type: string - values: - description: values - is an array of string - values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over - the set of namespaces that the - term applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. - type: string - values: - description: values - is an array of string - values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is - a map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be - co-located (affinity) or not - co-located (anti-affinity) with - the pods matching th - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at - scheduling time, the pod wi - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) t - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaceSelector: - description: A label query over the - set of namespaces that the term - applies to. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. - type: string - values: - description: values is an - array of string values. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a - map of {key,value} pairs. - type: object - type: object - namespaces: - description: namespaces specifies - a static list of namespace names - that the term applies to. - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching th - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates - whether a service account token should be automatically - mount - type: boolean - containers: - description: List of containers belonging to the - pod. Containers cannot currently be added or removed. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. - The docker image's CMD is used if this is - not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables - to set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment - variable. Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously - defined environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a - ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of - the pod: supports metadata.name, - metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a - secret in the pod's namespace - properties: - key: - description: The key of the - secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select - from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap must be defined - type: boolean - type: object - prefix: - description: An optional identifier - to prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due - to an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe - fails. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. - type: string - ports: - description: List of ports to expose from - the container. - items: - description: ContainerPort represents a - network port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must - be an IANA_SVC_NAME and unique within - the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must - be UDP, TCP, or SCTP. Defaults to - "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More - info: https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation - controls whether a process can gain - more privileges than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default - is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be - applied to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which - kind of seccomp profile will be - applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is - where the GMSA admission webhook - (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as - a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the - Pod has successfully initialized. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should - allocate a buffer for stdin in the container - runtime. - type: boolean - stdinOnce: - description: Whether the container runtime - should close the stdin channel after it - has been opened by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the - file to which the container''s termination - message will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination - message should be populated. - type: string - tty: - description: Whether this container should - allocate a TTY for itself, also requires - 'stdin' to be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of - block devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path - inside of the container that the device - will be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the - pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the - container's filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the - host to container and the other way - a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume - from which the container's volume - should be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's - volume should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - dnsConfig: - description: Specifies the DNS parameters of a pod. - properties: - nameservers: - description: A list of DNS name server IP addresses. - items: - type: string - type: array - options: - description: A list of DNS resolver options. - This will be merged with the base options - generated from DNSPolicy. - items: - description: PodDNSConfigOption defines DNS - resolver options of a pod. - properties: - name: - description: Required. - type: string - value: - type: string - type: object - type: array - searches: - description: A list of DNS search domains for - host-name lookup. - items: - type: string - type: array - type: object - dnsPolicy: - description: Set DNS policy for the pod. Defaults - to "ClusterFirst". - type: string - enableServiceLinks: - description: EnableServiceLinks indicates whether - information about services should be injected - into pod's enviro - type: boolean - ephemeralContainers: - description: List of ephemeral containers run in - this pod. - items: - description: An EphemeralContainer is a temporary - container that you may add to an existing Pod - for user-initiate - properties: - args: - description: Arguments to the entrypoint. - The docker image's CMD is used if this is - not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables - to set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment - variable. Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously - defined environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a - ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of - the pod: supports metadata.name, - metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a - secret in the pod's namespace - properties: - key: - description: The key of the - secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select - from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap must be defined - type: boolean - type: object - prefix: - description: An optional identifier - to prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.io/docs/concepts/containers/images' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Lifecycle is not allowed for - ephemeral containers. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due - to an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the ephemeral container - specified as a DNS_LABEL. - type: string - ports: - description: Ports are not allowed for ephemeral - containers. - items: - description: ContainerPort represents a - network port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must - be an IANA_SVC_NAME and unique within - the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must - be UDP, TCP, or SCTP. Defaults to - "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: Resources are not allowed for - ephemeral containers. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: 'Optional: SecurityContext defines - the security options the ephemeral container - should be run with.' - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation - controls whether a process can gain - more privileges than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default - is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be - applied to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which - kind of seccomp profile will be - applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is - where the GMSA admission webhook - (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as - a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: Probes are not allowed for ephemeral - containers. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should - allocate a buffer for stdin in the container - runtime. - type: boolean - stdinOnce: - description: Whether the container runtime - should close the stdin channel after it - has been opened by a single at - type: boolean - targetContainerName: - description: If set, the name of the container - from PodSpec that this ephemeral container - targets. - type: string - terminationMessagePath: - description: 'Optional: Path at which the - file to which the container''s termination - message will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination - message should be populated. - type: string - tty: - description: Whether this container should - allocate a TTY for itself, also requires - 'stdin' to be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of - block devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path - inside of the container that the device - will be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the - pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the - container's filesystem. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the - host to container and the other way - a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume - from which the container's volume - should be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's - volume should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - hostAliases: - description: 'HostAliases is an optional list of - hosts and IPs that will be injected into the pod''s - hosts file if ' - items: - description: 'HostAlias holds the mapping between - IP and hostnames that will be injected as an - entry in the pod''s ' - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - ip: - description: IP address of the host file entry. - type: string - type: object - type: array - hostIPC: - description: 'Use the host''s ipc namespace. Optional: - Default to false.' - type: boolean - hostNetwork: - description: Host networking requested for this - pod. Use the host's network namespace. - type: boolean - hostPID: - description: 'Use the host''s pid namespace. Optional: - Default to false.' - type: boolean - hostname: - description: Specifies the hostname of the Pod If - not specified, the pod's hostname will be set - to a system-defin - type: string - imagePullSecrets: - description: ImagePullSecrets is an optional list - of references to secrets in the same namespace - to use for pulli - items: - description: 'LocalObjectReference contains enough - information to let you locate the referenced - object inside the ' - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.' - type: string - type: object - type: array - initContainers: - description: List of initialization containers belonging - to the pod. - items: - description: A single application container that - you want to run within a pod. - properties: - args: - description: Arguments to the entrypoint. - The docker image's CMD is used if this is - not provided. - items: - type: string - type: array - command: - description: Entrypoint array. Not executed - within a shell. - items: - type: string - type: array - env: - description: List of environment variables - to set in the container. Cannot be updated. - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment - variable. Must be a C_IDENTIFIER. - type: string - value: - description: Variable references $(VAR_NAME) - are expanded using the previously - defined environment variables in t - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a - ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of - the pod: supports metadata.name, - metadata.namespace, `metadata.' - properties: - apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified - API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container name: - required for volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource - to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a - secret in the pod's namespace - properties: - key: - description: The key of the - secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment - variables in the container. - items: - description: EnvFromSource represents the - source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select - from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - ConfigMap must be defined - type: boolean - type: object - prefix: - description: An optional identifier - to prepend to each key in the ConfigMap. - Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether the - Secret must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: - https://kubernetes.' - type: string - imagePullPolicy: - description: Image pull policy. One of Always, - Never, IfNotPresent. - type: string - lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. - properties: - postStart: - description: PostStart is called immediately - after a container is created. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: PreStop is called immediately - before a container is terminated due - to an API request or management e - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the - command ' - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the - http request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to - set in the request. HTTP allows - repeated headers. - items: - description: HTTPHeader describes - a custom header to be used - in HTTP probes - properties: - name: - description: The header - field name - type: string - value: - description: The header - field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on - the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for - connecting to the host. Defaults - to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the - pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of - the port to access on the container. - Number must be in the range - 1 to 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: Periodic probe of container liveness. - Container will be restarted if the probe - fails. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - name: - description: Name of the container specified - as a DNS_LABEL. - type: string - ports: - description: List of ports to expose from - the container. - items: - description: ContainerPort represents a - network port in a single container. - properties: - containerPort: - description: Number of port to expose - on the pod's IP address. This must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the - external port to. - type: string - hostPort: - description: Number of port to expose - on the host. If specified, this must - be a valid port number, 0 < x < 65536. - format: int32 - type: integer - name: - description: If specified, this must - be an IANA_SVC_NAME and unique within - the pod. - type: string - protocol: - default: TCP - description: Protocol for port. Must - be UDP, TCP, or SCTP. Defaults to - "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: Periodic probe of container service - readiness. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by - this container. Cannot be updated. More - info: https://kubernetes.' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum - amount of compute resources required. - type: object - type: object - securityContext: - description: SecurityContext defines the security - options the container should be run with. - properties: - allowPrivilegeEscalation: - description: AllowPrivilegeEscalation - controls whether a process can gain - more privileges than its parent process - type: boolean - capabilities: - description: The capabilities to add/drop - when running containers. - properties: - add: - description: Added capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - description: Run container in privileged - mode. - type: boolean - procMount: - description: procMount denotes the type - of proc mount to use for the containers. - type: string - readOnlyRootFilesystem: - description: Whether this container has - a read-only root filesystem. Default - is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint - of the container process. Uses runtime - default if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container - must run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint - of the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be - applied to the container. - properties: - level: - description: Level is SELinux level - label that applies to the container. - type: string - role: - description: Role is a SELinux role - label that applies to the container. - type: string - type: - description: Type is a SELinux type - label that applies to the container. - type: string - user: - description: User is a SELinux user - label that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use - by this container. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the - node should be used. - type: string - type: - description: type indicates which - kind of seccomp profile will be - applied. - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings - applied to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is - where the GMSA admission webhook - (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName - is the name of the GMSA credential - spec to use. - type: string - hostProcess: - description: HostProcess determines - if a container should be run as - a 'Host Process' container. - type: boolean - runAsUserName: - description: The UserName in Windows - to run the entrypoint of the container - process. - type: string - type: object - type: object - startupProbe: - description: StartupProbe indicates that the - Pod has successfully initialized. - properties: - exec: - description: Exec specifies the action - to take. - properties: - command: - description: 'Command is the command - line to execute inside the container, - the working directory for the command ' - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures - for the probe to be considered failed - after having succeeded. - format: int32 - type: integer - grpc: - description: GRPC specifies an action - involving a GRPC port. - properties: - port: - description: Port number of the gRPC - service. Number must be in the range - 1 to 65535. - format: int32 - type: integer - service: - description: Service is the name of - the service to place in the gRPC - HealthCheckRequest (see https://github. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http - request to perform. - properties: - host: - description: Host name to connect - to, defaults to the pod IP. - type: string - httpHeaders: - description: Custom headers to set - in the request. HTTP allows repeated - headers. - items: - description: HTTPHeader describes - a custom header to be used in - HTTP probes - properties: - name: - description: The header field - name - type: string - value: - description: The header field - value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the - HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: Number of seconds after the - container has started before liveness - probes are initiated. - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to - perform the probe. Default to 10 seconds. - Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes - for the probe to be considered successful - after having failed. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action - involving a TCP port. - properties: - host: - description: 'Optional: Host name - to connect to, defaults to the pod - IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the - port to access on the container. - Number must be in the range 1 to - 65535. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds - the pod needs to terminate gracefully - upon probe failure. - format: int64 - type: integer - timeoutSeconds: - description: Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. - format: int32 - type: integer - type: object - stdin: - description: Whether this container should - allocate a buffer for stdin in the container - runtime. - type: boolean - stdinOnce: - description: Whether the container runtime - should close the stdin channel after it - has been opened by a single at - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the - file to which the container''s termination - message will be written is mou' - type: string - terminationMessagePolicy: - description: Indicate how the termination - message should be populated. - type: string - tty: - description: Whether this container should - allocate a TTY for itself, also requires - 'stdin' to be true. - type: boolean - volumeDevices: - description: volumeDevices is the list of - block devices to be used by the container. - items: - description: volumeDevice describes a mapping - of a raw block device within a container. - properties: - devicePath: - description: devicePath is the path - inside of the container that the device - will be mapped to. - type: string - name: - description: name must match the name - of a persistentVolumeClaim in the - pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the - container's filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the - host to container and the other way - a - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume - from which the container's volume - should be mounted. - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's - volume should be mounted. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. - type: string - required: - - name - type: object - type: array - nodeName: - description: NodeName is a request to schedule this - pod onto a specific node. - type: string - nodeSelector: - additionalProperties: - type: string - description: NodeSelector is a selector which must - be true for the pod to fit on a node. - type: object - x-kubernetes-map-type: atomic - os: - description: Specifies the OS of the containers - in the pod. - properties: - name: - description: Name is the name of the operating - system. The currently supported values are - linux and windows. - type: string - required: - - name - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Overhead represents the resource overhead - associated with running a pod for a given RuntimeClass. - type: object - preemptionPolicy: - description: PreemptionPolicy is the Policy for - preempting pods with lower priority. - type: string - priority: - description: The priority value. Various system - components use this field to find the priority - of the pod. - format: int32 - type: integer - priorityClassName: - description: If specified, indicates the pod's priority. - type: string - readinessGates: - description: If specified, all readiness gates will - be evaluated for pod readiness. - items: - description: PodReadinessGate contains the reference - to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition - in the pod's condition list with matching - type. - type: string - required: - - conditionType - type: object - type: array - restartPolicy: - description: Restart policy for all containers within - the pod. One of Always, OnFailure, Never. - type: string - runtimeClassName: - description: RuntimeClassName refers to a RuntimeClass - object in the node.k8s. - type: string - schedulerName: - description: If specified, the pod will be dispatched - by specified scheduler. - type: string - securityContext: - description: SecurityContext holds pod-level security - attributes and common container settings. - properties: - fsGroup: - description: A special supplemental group that - applies to all containers in a pod. - format: int64 - type: integer - fsGroupChangePolicy: - description: fsGroupChangePolicy defines behavior - of changing ownership and permission of the - volume before being - type: string - runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must - run as a non-root user. - type: boolean - runAsUser: - description: The UID to run the entrypoint of - the container process. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied - to all containers. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by the - containers in this pod. - properties: - localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. - type: string - type: - description: type indicates which kind of - seccomp profile will be applied. - type: string - required: - - type - type: object - supplementalGroups: - description: 'A list of groups applied to the - first process run in each container, in addition - to the container''s ' - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced - sysctls used for the pod. - items: - description: Sysctl defines a kernel parameter - to be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied - to all containers. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a - container should be run as a 'Host Process' - container. - type: boolean - runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container process. - type: string - type: object - type: object - serviceAccount: - description: DeprecatedServiceAccount is a depreciated - alias for ServiceAccountName. - type: string - serviceAccountName: - description: ServiceAccountName is the name of the - ServiceAccount to use to run this pod. - type: string - setHostnameAsFQDN: - description: If true the pod's hostname will be - configured as the pod's FQDN, rather than the - leaf name (the defa - type: boolean - shareProcessNamespace: - description: Share a single process namespace between - all of the containers in a pod. - type: boolean - subdomain: - description: If specified, the fully qualified Pod - hostname will be "...svc. - type: string - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully. - format: int64 - type: integer - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached - to tolerates any taint that matches the triple - name on the dataset for - Flocker should be considered as de - type: string - datasetUUID: - description: UUID of the dataset. This - is unique identifier of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: GCEPersistentDisk represents - a GCE Disk resource that is attached to - a kubelet's host machine and th - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - partition: - description: The partition in the volume - that you want to mount. - format: int32 - type: integer - pdName: - description: Unique name of the PD resource - in GCE. Used to identify the disk in - GCE. - type: string - readOnly: - description: ReadOnly here will force - the ReadOnly setting in VolumeMounts. - Defaults to false. - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated.' - properties: - directory: - description: Target directory name. Must - not contain or start with '..'. If - '. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: Glusterfs represents a Glusterfs - mount on the host that shares a pod's lifetime. - properties: - endpoints: - description: 'EndpointsName is the endpoint - name that details Glusterfs topology. - More info: https://examples.k8s.' - type: string - path: - description: 'Path is the Glusterfs volume - path. More info: https://examples.k8s.io/volumes/glusterfs/README.' - type: string - readOnly: - description: ReadOnly here will force - the Glusterfs volume to be mounted with - read-only permissions. - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: HostPath represents a pre-existing - file or directory on the host machine that - is directly exposed to - properties: - path: - description: Path of the directory on - the host. - type: string - type: - description: 'Type for HostPath Volume - Defaults to "" More info: https://kubernetes.' - type: string - required: - - path - type: object - iscsi: - description: ISCSI represents an ISCSI Disk - resource that is attached to a kubelet's - host machine and then expose - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery - CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session - CHAP authentication - type: boolean - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - initiatorName: - description: Custom iSCSI Initiator Name. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that - uses an iSCSI transport. Defaults to - 'default' (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. - items: - type: string - type: array - readOnly: - description: ReadOnly here will force - the ReadOnly setting in VolumeMounts. - Defaults to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target - and initiator authentication - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - targetPortal: - description: iSCSI Target Portal. - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.' - type: string - nfs: - description: 'NFS represents an NFS mount - on the host that shares a pod''s lifetime - More info: https://kubernetes.' - properties: - path: - description: 'Path that is exported by - the NFS server. More info: https://kubernetes.' - type: string - readOnly: - description: ReadOnly here will force - the NFS export to be mounted with read-only - permissions. Defaults to false. - type: boolean - server: - description: 'Server is the hostname or - IP address of the NFS server. More info: - https://kubernetes.' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: PersistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same name - properties: - claimName: - description: ClaimName is the name of - a PersistentVolumeClaim in the same - namespace as the pod using this volume. - type: string - readOnly: - description: Will force the ReadOnly setting - in VolumeMounts. Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: 'PhotonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets ' - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - type: string - pdID: - description: ID that identifies Photon - Controller persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx - volume attached and mounted on kubelets - host machine - properties: - fsType: - description: FSType represents the filesystem - type to mount Must be a filesystem type - supported by the host opera - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources - secrets, configmaps, and downward API - properties: - defaultMode: - description: Mode bits used to set permissions - on created files by default. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may be - projected along with other supported - volume types - properties: - configMap: - description: information about the - configMap data to project - properties: - items: - description: 'If unspecified, - each key-value pair in the - Data field of the referenced - ConfigMap will be projected ' - items: - description: Maps a string - key to a path within a volume. - properties: - key: - description: The key to - project. - type: string - mode: - description: 'Optional: - mode bits used to set - permissions on this - file.' - format: int32 - type: integer - path: - description: The relative - path of the file to - map the key to. May - not be an absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the ConfigMap or its keys - must be defined - type: boolean - type: object - downwardAPI: - description: information about the - downwardAPI data to project - properties: - items: - description: Items is a list - of DownwardAPIVolume file - items: - description: DownwardAPIVolumeFile - represents information to - create the file containing - the pod field - properties: - fieldRef: - description: 'Required: - Selects a field of the - pod: only annotations, - labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version - of the schema the - FieldPath is written - in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path - of the field to - select in the specified - API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: - mode bits used to set - permissions on this - file, must be an octal - value between 0000 and - 07' - format: int32 - type: integer - path: - description: 'Required: - Path is the relative - path name of the file - to be created.' - type: string - resourceFieldRef: - description: 'Selects - a resource of the container: - only resources limits - and requests (limits.cpu, - limits.' - properties: - containerName: - description: 'Container - name: required for - volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies - the output format - of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the - secret data to project - properties: - items: - description: If unspecified, - each key-value pair in the - Data field of the referenced - Secret will be projected int - items: - description: Maps a string - key to a path within a volume. - properties: - key: - description: The key to - project. - type: string - mode: - description: 'Optional: - mode bits used to set - permissions on this - file.' - format: int32 - type: integer - path: - description: The relative - path of the file to - map the key to. May - not be an absolute path. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - optional: - description: Specify whether - the Secret or its key must - be defined - type: boolean - type: object - serviceAccountToken: - description: information about the - serviceAccountToken data to project - properties: - audience: - description: Audience is the - intended audience of the token. - type: string - expirationSeconds: - description: ExpirationSeconds - is the requested duration - of validity of the service - account token. - format: int64 - type: integer - path: - description: Path is the path - relative to the mount point - of the file to project the - token into. - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - description: Quobyte represents a Quobyte - mount on the host that shares a pod's lifetime - properties: - group: - description: Group to map volume access - to Default is no group - type: string - readOnly: - description: ReadOnly here will force - the Quobyte volume to be mounted with - read-only permissions. - type: boolean - registry: - description: Registry represents a single - or multiple Quobyte Registry services - specified as a string as host:por - type: string - tenant: - description: Tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volu - type: string - user: - description: User to map volume access - to Defaults to serivceaccount user - type: string - volume: - description: Volume is a string that references - an already created Quobyte volume by - name. - type: string - required: - - registry - - volume - type: object - rbd: - description: RBD represents a Rados Block - Device mount on the host that shares a pod's - lifetime. - properties: - fsType: - description: Filesystem type of the volume - that you want to mount. - type: string - image: - description: 'The rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: Keyring is the path to key - ring for RBDUser. Default is /etc/ceph/keyring. - type: string - monitors: - description: 'A collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.' - items: - type: string - type: array - pool: - description: 'The rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - readOnly: - description: ReadOnly here will force - the ReadOnly setting in VolumeMounts. - Defaults to false. - type: boolean - secretRef: - description: SecretRef is name of the - authentication secret for RBDUser. If - provided overrides keyring. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - user: - description: 'The rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO - persistent volume attached and mounted on - Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - type: string - gateway: - description: The host address of the ScaleIO - API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection - Domain for the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the - secret for ScaleIO user and other sensitive - information. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL - communication with Gateway, default - false - type: boolean - storageMode: - description: Indicates whether the storage - for a volume should be ThickProvisioned - or ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool - associated with the protection domain. - type: string - system: - description: The name of the storage system - as configured in ScaleIO. - type: string - volumeName: - description: The name of a volume already - created in the ScaleIO system that is - associated with this volume sourc - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that - should populate this volume. More info: - https://kubernetes.' - properties: - defaultMode: - description: 'Optional: mode bits used - to set permissions on created files - by default.' - format: int32 - type: integer - items: - description: If unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected int - items: - description: Maps a string key to a - path within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits - used to set permissions on this - file.' - format: int32 - type: integer - path: - description: The relative path of - the file to map the key to. May - not be an absolute path. - type: string - required: - - key - - path - type: object - type: array - optional: - description: Specify whether the Secret - or its keys must be defined - type: boolean - secretName: - description: 'Name of the secret in the - pod''s namespace to use. More info: - https://kubernetes.' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret - to use for obtaining the StorageOS API - credentials. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.' - type: string - type: object - volumeName: - description: VolumeName is the human-readable - name of the StorageOS volume. - type: string - volumeNamespace: - description: VolumeNamespace specifies - the scope of the volume within StorageOS. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere - volume attached and mounted on kubelets - host machine - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - type: string - storagePolicyID: - description: Storage Policy Based Management - (SPBM) profile ID associated with the - StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management - (SPBM) profile name. - type: string - volumePath: - description: Path that identifies vSphere - volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - containers - type: object - type: object - required: - - groupName - - maxReplicas - - minReplicas - - rayStartParams - - replicas - - template - type: object - type: array - required: - - headGroupSpec - type: object - serveConfig: - description: 'Important: Run "make" to regenerate code after modifying - this file' - properties: - deployments: - items: - description: ServeConfigSpec defines the desired state of RayService - Reference to http://rayserve.org - properties: - autoscalingConfig: - type: string - gracefulShutdownTimeoutS: - format: int32 - type: integer - gracefulShutdownWaitLoopS: - format: int32 - type: integer - healthCheckPeriodS: - format: int32 - type: integer - healthCheckTimeoutS: - format: int32 - type: integer - maxConcurrentQueries: - format: int32 - type: integer - name: - type: string - numReplicas: - format: int32 - type: integer - rayActorOptions: - description: RayActorOptionSpec defines the desired state - of RayActor - properties: - acceleratorType: - type: string - memory: - format: int32 - type: integer - numCpus: - type: number - numGpus: - type: number - objectStoreMemory: - format: int32 - type: integer - resources: - type: string - runtimeEnv: - type: string - type: object - routePrefix: - type: string - userConfig: - type: string - required: - - name - type: object - type: array - importPath: - type: string - runtimeEnv: - type: string - required: - - importPath - type: object - serviceUnhealthySecondThreshold: - format: int32 - type: integer - type: object - status: - description: RayServiceStatuses defines the observed state of RayService - properties: - activeServiceStatus: - properties: - appStatus: - description: 'Important: Run "make" to regenerate code after modifying - this file' - properties: - healthLastUpdateTime: - description: Keep track of how long the service is healthy. - format: date-time - type: string - lastUpdateTime: - format: date-time - type: string - message: - type: string - status: - type: string - type: object - dashboardStatus: - description: DashboardStatus defines the current states of Ray - Dashboard - properties: - healthLastUpdateTime: - description: Keep track of how long the dashboard is healthy. - format: date-time - type: string - isHealthy: - type: boolean - lastUpdateTime: - format: date-time - type: string - type: object - rayClusterName: - type: string - rayClusterStatus: - description: RayClusterStatus defines the observed state of RayCluster - properties: - availableWorkerReplicas: - description: AvailableWorkerReplicas indicates how many replicas - are available in the cluster - format: int32 - type: integer - desiredWorkerReplicas: - description: DesiredWorkerReplicas indicates overall desired - replicas claimed by the user at the cluster level. - format: int32 - type: integer - endpoints: - additionalProperties: - type: string - description: Service Endpoints - type: object - lastUpdateTime: - description: LastUpdateTime indicates last update timestamp - for this cluster status. - format: date-time - nullable: true - type: string - maxWorkerReplicas: - description: MaxWorkerReplicas indicates sum of maximum replicas - of each node group. - format: int32 - type: integer - minWorkerReplicas: - description: MinWorkerReplicas indicates sum of minimum replicas - of each node group. - format: int32 - type: integer - state: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed - state of cluster Important: Run "make" to regenerat' - type: string - type: object - serveDeploymentStatuses: - items: - description: ServeDeploymentStatus defines the current state - of Serve Deployment - properties: - healthLastUpdateTime: - description: Keep track of how long the service is healthy. - format: date-time - type: string - lastUpdateTime: - format: date-time - type: string - message: - type: string - name: - description: Name, Status, Message are from Ray Dashboard - to represent the state of a serve deployment. - type: string - status: - description: 'TODO: change status type to enum' - type: string - type: object - type: array - type: object - pendingServiceStatus: - description: Pending Service Status indicates a RayCluster will be - created or is being created. - properties: - appStatus: - description: 'Important: Run "make" to regenerate code after modifying - this file' - properties: - healthLastUpdateTime: - description: Keep track of how long the service is healthy. - format: date-time - type: string - lastUpdateTime: - format: date-time - type: string - message: - type: string - status: - type: string - type: object - dashboardStatus: - description: DashboardStatus defines the current states of Ray - Dashboard - properties: - healthLastUpdateTime: - description: Keep track of how long the dashboard is healthy. - format: date-time - type: string - isHealthy: - type: boolean - lastUpdateTime: - format: date-time - type: string - type: object - rayClusterName: - type: string - rayClusterStatus: - description: RayClusterStatus defines the observed state of RayCluster - properties: - availableWorkerReplicas: - description: AvailableWorkerReplicas indicates how many replicas - are available in the cluster - format: int32 - type: integer - desiredWorkerReplicas: - description: DesiredWorkerReplicas indicates overall desired - replicas claimed by the user at the cluster level. - format: int32 - type: integer - endpoints: - additionalProperties: - type: string - description: Service Endpoints - type: object - lastUpdateTime: - description: LastUpdateTime indicates last update timestamp - for this cluster status. - format: date-time - nullable: true - type: string - maxWorkerReplicas: - description: MaxWorkerReplicas indicates sum of maximum replicas - of each node group. - format: int32 - type: integer - minWorkerReplicas: - description: MinWorkerReplicas indicates sum of minimum replicas - of each node group. - format: int32 - type: integer - state: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed - state of cluster Important: Run "make" to regenerat' - type: string - type: object - serveDeploymentStatuses: - items: - description: ServeDeploymentStatus defines the current state - of Serve Deployment - properties: - healthLastUpdateTime: - description: Keep track of how long the service is healthy. - format: date-time - type: string - lastUpdateTime: - format: date-time - type: string - message: - type: string - name: - description: Name, Status, Message are from Ray Dashboard - to represent the state of a serve deployment. - type: string - status: - description: 'TODO: change status type to enum' - type: string - type: object - type: array - type: object - serviceStatus: - description: ServiceStatus indicates the current RayService status. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/_helpers.tpl b/infrastructure/helm/quantumserverless/charts/operator/templates/_helpers.tpl deleted file mode 100644 index 040cdd9e4..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/_helpers.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "kuberay-operator.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "kuberay-operator.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "kuberay-operator.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "kuberay-operator.labels" -}} -app.kubernetes.io/name: {{ include "kuberay-operator.name" . }} -helm.sh/chart: {{ include "kuberay-operator.chart" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "kuberay-operator.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "kuberay-operator.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/deployment.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/deployment.yaml deleted file mode 100644 index f41959adb..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/deployment.yaml +++ /dev/null @@ -1,68 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "kuberay-operator.fullname" . }} - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "kuberay-operator.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "kuberay-operator.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ .Values.serviceAccount.name }} - volumes: [] - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - volumeMounts: [] - command: - - /manager - ports: - - name: http - containerPort: 8080 - protocol: TCP - env: [] - livenessProbe: - httpGet: - path: /metrics - port: http - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - readinessProbe: - httpGet: - path: /metrics - port: http - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/leader-role.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/leader-role.yaml deleted file mode 100644 index c86852eb1..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/leader-role.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if .Values.rbacEnable }} -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} - name: {{ include "kuberay-operator.fullname" . }} -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create -{{- end }} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/leader-rolebinding.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/leader-rolebinding.yaml deleted file mode 100644 index bf7c5db16..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/leader-rolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.rbacEnable }} -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} - name: {{ include "kuberay-operator.fullname" . }} -subjects: -- kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: Role - name: {{ include "kuberay-operator.fullname" . }} - apiGroup: rbac.authorization.k8s.io -{{- end }} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayjob_editor_role.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayjob_editor_role.yaml deleted file mode 100644 index 090286ab3..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayjob_editor_role.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# permissions for end users to edit rayjobs. -{{- if .Values.rbacEnable }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} - name: rayjob-editor-role -rules: -- apiGroups: - - ray.io - resources: - - rayjobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ray.io - resources: - - rayjobs/status - verbs: - - get -{{- end }} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayjob_viewer_role.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayjob_viewer_role.yaml deleted file mode 100644 index 332147cf7..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayjob_viewer_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# permissions for end users to view rayjobs. -{{- if .Values.rbacEnable }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} - name: rayjob-viewer-role -rules: -- apiGroups: - - ray.io - resources: - - rayjobs - verbs: - - get - - list - - watch -- apiGroups: - - ray.io - resources: - - rayjobs/status - verbs: - - get -{{- end }} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayservice_editor_role.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayservice_editor_role.yaml deleted file mode 100644 index ea89c9a80..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayservice_editor_role.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# permissions for end users to edit rayservices. -{{- if .Values.rbacEnable }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: rayservice-editor-role -rules: -- apiGroups: - - ray.io - resources: - - rayservices - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ray.io - resources: - - rayservices/status - verbs: - - get -{{- end }} \ No newline at end of file diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayservice_viewer_role.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayservice_viewer_role.yaml deleted file mode 100644 index ba934485c..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/ray_rayservice_viewer_role.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# permissions for end users to view rayservices. -{{- if .Values.rbacEnable }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: rayservice-viewer-role -rules: -- apiGroups: - - ray.io - resources: - - rayservices - verbs: - - get - - list - - watch -- apiGroups: - - ray.io - resources: - - rayservices/status - verbs: - - get -{{- end }} \ No newline at end of file diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/role.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/role.yaml deleted file mode 100644 index e79592b42..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/role.yaml +++ /dev/null @@ -1,215 +0,0 @@ -{{- if .Values.rbacEnable }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} - name: {{ include "kuberay-operator.fullname" . }} -rules: -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - list - - update -- apiGroups: - - "" - resources: - - events - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - pods/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - delete - - get - - list - - watch -- apiGroups: - - "" - resources: - - services - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - services/status - verbs: - - get - - patch - - update -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - networking.k8s.io - resources: - - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ray.io - resources: - - rayclusters - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ray.io - resources: - - rayclusters/finalizer - verbs: - - update -- apiGroups: - - ray.io - resources: - - rayclusters/status - verbs: - - get - - patch - - update -- apiGroups: - - ray.io - resources: - - rayjobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ray.io - resources: - - rayjobs/finalizer - verbs: - - update -- apiGroups: - - ray.io - resources: - - rayjobs/status - verbs: - - get - - patch - - update -- apiGroups: - - ray.io - resources: - - rayservices - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ray.io - resources: - - rayservices/finalizers - verbs: - - update -- apiGroups: - - ray.io - resources: - - rayservices/status - verbs: - - get - - patch - - update -- apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - verbs: - - create - - delete - - get - - list - - watch -- apiGroups: - - rbac.authorization.k8s.io - resources: - - roles - verbs: - - create - - delete - - get - - list - - update - - watch -{{- end }} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/rolebinding.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/rolebinding.yaml deleted file mode 100644 index cfa1d0cf8..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/rolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.rbacEnable }} -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} - name: {{ include "kuberay-operator.fullname" . }} -subjects: -- kind: ServiceAccount - name: {{ .Values.serviceAccount.name }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: {{ include "kuberay-operator.fullname" . }} - apiGroup: rbac.authorization.k8s.io -{{- end }} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/service.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/service.yaml deleted file mode 100644 index 7756d6e64..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/service.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "kuberay-operator.fullname" . }} - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - app.kubernetes.io/name: {{ include "kuberay-operator.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/infrastructure/helm/quantumserverless/charts/operator/templates/serviceaccount.yaml b/infrastructure/helm/quantumserverless/charts/operator/templates/serviceaccount.yaml deleted file mode 100644 index 1d63ff56a..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/templates/serviceaccount.yaml +++ /dev/null @@ -1,8 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "kuberay-operator.serviceAccountName" . }} - labels: -{{ include "kuberay-operator.labels" . | indent 4 }} -{{- end -}} diff --git a/infrastructure/helm/quantumserverless/charts/operator/values.yaml b/infrastructure/helm/quantumserverless/charts/operator/values.yaml deleted file mode 100644 index 6c230594e..000000000 --- a/infrastructure/helm/quantumserverless/charts/operator/values.yaml +++ /dev/null @@ -1,57 +0,0 @@ -# Default values for kuberay-operator. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -image: - repository: kuberay/operator - tag: nightly - pullPolicy: IfNotPresent - -nameOverride: "kuberay-operator" -fullnameOverride: "kuberay-operator" - -## Install Default RBAC roles and bindings -rbac: - create: true - apiVersion: v1 - -serviceAccount: - # Specifies whether a service account should be created - create: true - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "kuberay-operator" - -service: - type: ClusterIP - port: 8080 - -ingress: - enabled: false - -resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do whelm to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 100m - memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -livenessProbe: - initialDelaySeconds: 10 - periodSeconds: 5 - failureThreshold: 5 - -readinessProbe: - initialDelaySeconds: 10 - periodSeconds: 5 - failureThreshold: 5 - -createCustomResource: true -rbacEnable: true diff --git a/infrastructure/helm/quantumserverless/charts/ray-cluster/.helmignore b/infrastructure/helm/quantumserverless/charts/ray-cluster/.helmignore deleted file mode 100644 index 50af03172..000000000 --- a/infrastructure/helm/quantumserverless/charts/ray-cluster/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/infrastructure/helm/quantumserverless/charts/ray-cluster/Chart.yaml b/infrastructure/helm/quantumserverless/charts/ray-cluster/Chart.yaml deleted file mode 100644 index 48850503c..000000000 --- a/infrastructure/helm/quantumserverless/charts/ray-cluster/Chart.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -appVersion: "1.0" -description: A Helm chart for Kubernetes -name: ray-cluster -version: 0.3.0 -icon: https://github.com/ray-project/ray/raw/master/doc/source/images/ray_header_logo.png diff --git a/infrastructure/helm/quantumserverless/charts/ray-cluster/README.md b/infrastructure/helm/quantumserverless/charts/ray-cluster/README.md deleted file mode 100644 index f8e416c89..000000000 --- a/infrastructure/helm/quantumserverless/charts/ray-cluster/README.md +++ /dev/null @@ -1,67 +0,0 @@ -# Ray Cluster - -Make sure ray-operator has been deployed. - -[Ray](https://ray.io/) is a unified framework for scaling AI and Python applications. Ray consists of a core distributed runtime and a toolkit of libraries (Ray AIR) for simplifying ML compute. - -## Helm - -```console -$ helm version -version.BuildInfo{Version:"v3.6.2", GitCommit:"ee407bdf364942bcb8e8c665f82e15aa28009b71", GitTreeState:"dirty", GoVersion:"go1.16.5"} -``` - -## TL;DR; - -```bash -# Because the ray-cluster chart in release 0.3.0 has some bugs, we need to clone the KubeRay repo and install the latest ray-cluster chart until release 0.4.0. -cd helm-chart/ray-cluster -helm install ray-cluster --namespace ray-system --create-namespace . -``` - -## Installing the Chart - -To install the chart with the release name `my-release`: -```bash -# Because the ray-cluster chart in release 0.3.0 has some bugs, we need to clone the KubeRay repo and install the latest ray-cluster chart until release 0.4.0. -cd helm-chart/ray-cluster -helm install my-release --namespace ray-system --create-namespace . -``` - -> note: The chart will submit a RayCluster. - - -## Uninstalling the Chart - -To uninstall/delete the `my-release` deployment: - -```console -helm delete my-release -n ray-system -``` - -The command removes nearly all the Kubernetes components associated with the -chart and deletes the release. - -## Check Cluster status - -### Get Service - -```console -$ kubectl get svc -l ray.io/cluster=ray-cluster -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -ray-cluster-head-svc ClusterIP 10.103.36.68 10001/TCP,6379/TCP,8265/TCP 9m24s -``` - -## Forward to dashboard - -```console -$ kubectl get pod -o wide -NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES -ray-cluster-head-sd77l 1/1 Running 0 8h 10.1.61.208 docker-desktop -ray-cluster-worker-workergroup-czxd6 1/1 Running 0 8h 10.1.61.207 docker-desktop -kuberay-operator-687785b964-jgfhv 1/1 Running 6 3d4h 10.1.61.196 docker-desktop - -$ kubectl port-forward ray-cluster-head-sd77l 8265 -Forwarding from 127.0.0.1:8265 -> 8265 -Forwarding from [::1]:8265 -> 8265 -``` diff --git a/infrastructure/helm/quantumserverless/charts/ray-cluster/templates/_helpers.tpl b/infrastructure/helm/quantumserverless/charts/ray-cluster/templates/_helpers.tpl deleted file mode 100644 index 38d0a90d5..000000000 --- a/infrastructure/helm/quantumserverless/charts/ray-cluster/templates/_helpers.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "ray-cluster.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "ray-cluster.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "ray-cluster.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "ray-cluster.labels" -}} -app.kubernetes.io/name: {{ include "ray-cluster.name" . }} -helm.sh/chart: {{ include "ray-cluster.chart" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "ray-cluster.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "ray-cluster.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} diff --git a/infrastructure/helm/quantumserverless/charts/ray-cluster/templates/raycluster-cluster.yaml b/infrastructure/helm/quantumserverless/charts/ray-cluster/templates/raycluster-cluster.yaml deleted file mode 100644 index 7647769ed..000000000 --- a/infrastructure/helm/quantumserverless/charts/ray-cluster/templates/raycluster-cluster.yaml +++ /dev/null @@ -1,151 +0,0 @@ -apiVersion: ray.io/v1alpha1 -kind: RayCluster -metadata: - labels: -{{ include "ray-cluster.labels" . | indent 4 }} - name: {{ include "ray-cluster.fullname" . }} -spec: - {{- if .Values.head.rayVersion }} - rayVersion: {{ .Values.head.rayVersion }} - {{- end }} - {{- if .Values.head.enableInTreeAutoscaling }} - enableInTreeAutoscaling: {{ .Values.head.enableInTreeAutoscaling }} - {{- end }} - headGroupSpec: - serviceType: {{ .Values.service.type }} - rayStartParams: - {{- range $key, $val := .Values.head.initArgs }} - {{ $key }}: {{ $val | quote }} - {{- end }} - replicas: {{ .Values.head.replicas }} - template: - spec: - imagePullSecrets: {{- toYaml .Values.imagePullSecrets | nindent 10 }} - containers: - - volumeMounts: {{- toYaml .Values.head.volumeMounts | nindent 12 }} - name: ray-head - image: {{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - resources: {{- toYaml .Values.head.resources | nindent 14 }} - env: - - name: TYPE - value: head - {{- toYaml .Values.head.containerEnv | nindent 14}} - {{- with .Values.head.envFrom }} - envFrom: {{- toYaml . | nindent 14}} - {{- end }} - {{- if .Values.head.ports }} - ports: {{- toYaml .Values.head.ports | nindent 14}} - {{- end }} - {{- if .Values.head.lifecycle }} - lifecycle: - {{- toYaml .Values.head.lifecycle | nindent 14 }} - {{- end }} - volumes: {{- toYaml .Values.head.volumes | nindent 10 }} - affinity: {{- toYaml .Values.head.affinity | nindent 10 }} - tolerations: {{- toYaml .Values.head.tolerations | nindent 10 }} - nodeSelector: {{- toYaml .Values.head.nodeSelector | nindent 10 }} - metadata: - annotations: {{- toYaml .Values.head.annotations | nindent 10 }} - labels: - groupName: {{ .Values.head.groupName }} - rayNodeType: {{ .Values.head.type }} - rayCluster: {{ include "ray-cluster.fullname" . }} -{{ include "ray-cluster.labels" . | indent 10 }} - - workerGroupSpecs: - {{- range $groupName, $values := .Values.additionalWorkerGroups }} - {{- if ne $values.disabled true }} - - rayStartParams: - {{- range $key, $val := $values.initArgs }} - {{ $key }}: {{ $val | quote }} - {{- end }} - replicas: {{ $values.replicas }} - minReplicas: {{ $values.miniReplicas | default 1 }} - maxReplicas: {{ $values.maxiReplicas | default 2147483647 }} - groupName: {{ $groupName }} - template: - spec: - imagePullSecrets: {{- toYaml $.Values.imagePullSecrets | nindent 10 }} - initContainers: - - name: init-myservice - image: busybox:1.28 - command: ['sh', '-c', "until nslookup $RAY_IP.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for myservice; sleep 2; done"] - containers: - - volumeMounts: {{- toYaml $values.volumeMounts | nindent 12 }} - name: ray-worker - image: {{ $.Values.image.repository }}:{{ $.Values.image.tag }} - imagePullPolicy: {{ $.Values.image.pullPolicy }} - resources: {{- toYaml $values.resources | nindent 14 }} - env: - - name: TYPE - value: worker - {{- toYaml $values.containerEnv | nindent 14}} - {{- with $values.envFrom }} - envFrom: {{- toYaml $ | nindent 14}} - {{- end }} - ports: {{- toYaml $values.ports | nindent 14}} - {{- if $values.lifecycle }} - lifecycle: - {{- toYaml $values.lifecycle | nindent 14 }} - {{- end }} - volumes: {{- toYaml $values.volumes | nindent 10 }} - affinity: {{- toYaml $values.affinity | nindent 10 }} - tolerations: {{- toYaml $values.tolerations | nindent 10 }} - nodeSelector: {{- toYaml $values.nodeSelector | nindent 10 }} - metadata: - annotations: {{- toYaml $values.annotations | nindent 10 }} - labels: - rayNodeType: {{ $values.type }} - groupName: {{ $groupName }} - rayCluster: {{ include "ray-cluster.fullname" $ }} -{{ include "ray-cluster.labels" $ | indent 10 }} - {{- end }} - {{- end }} - {{- if ne (.Values.worker.disabled | default false) true }} - - rayStartParams: - {{- range $key, $val := .Values.worker.initArgs }} - {{ $key }}: {{ $val | quote }} - {{- end }} - replicas: {{ .Values.worker.replicas }} - minReplicas: {{ .Values.worker.miniReplicas | default 1 }} - maxReplicas: {{ .Values.worker.maxiReplicas | default 2147483647 }} - groupName: {{ .Values.worker.groupName }} - template: - spec: - imagePullSecrets: {{- toYaml .Values.imagePullSecrets | nindent 10 }} - initContainers: - - name: init-myservice - image: busybox:1.28 - command: ['sh', '-c', "until nslookup $RAY_IP.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for myservice; sleep 2; done"] - containers: - - volumeMounts: {{- toYaml .Values.worker.volumeMounts | nindent 12 }} - name: ray-worker - image: {{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - resources: {{- toYaml .Values.worker.resources | nindent 14 }} - env: - - name: TYPE - value: worker - {{- toYaml .Values.worker.containerEnv | nindent 14}} - {{- with .Values.worker.envFrom }} - envFrom: {{- toYaml . | nindent 14}} - {{- end }} - ports: {{- toYaml .Values.worker.ports | nindent 14}} - {{- if .Values.worker.lifecycle }} - lifecycle: - {{- toYaml .Values.worker.lifecycle | nindent 14 }} - {{- end }} - volumes: {{- toYaml .Values.worker.volumes | nindent 10 }} - affinity: {{- toYaml .Values.worker.affinity | nindent 10 }} - tolerations: {{- toYaml .Values.worker.tolerations | nindent 10 }} - nodeSelector: {{- toYaml .Values.worker.nodeSelector | nindent 10 }} - metadata: - annotations: {{- toYaml .Values.worker.annotations | nindent 10 }} - labels: - rayNodeType: {{ .Values.worker.type }} - groupName: {{ .Values.worker.groupName }} - rayCluster: {{ include "ray-cluster.fullname" . }} -{{ include "ray-cluster.labels" . | indent 10 }} - {{- end }} - diff --git a/infrastructure/helm/quantumserverless/charts/ray-cluster/values.yaml b/infrastructure/helm/quantumserverless/charts/ray-cluster/values.yaml deleted file mode 100644 index cc33f7d0e..000000000 --- a/infrastructure/helm/quantumserverless/charts/ray-cluster/values.yaml +++ /dev/null @@ -1,165 +0,0 @@ -# Default values for ray-cluster. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -image: - repository: rayproject/ray - tag: 2.0.0 - pullPolicy: IfNotPresent - -nameOverride: "kuberay" -fullnameOverride: "" - -imagePullSecrets: [] - # - name: an-existing-secret - -head: - groupName: headgroup - replicas: 1 - type: head - labels: - key: value - initArgs: - port: '6379' - redis-password: 'LetMeInRay' # Deprecated since Ray 1.11 due to GCS bootstrapping enabled - dashboard-host: '0.0.0.0' - num-cpus: '1' # can be auto-completed from the limits - node-ip-address: $MY_POD_IP # auto-completed as the head pod IP - block: 'true' - containerEnv: - - name: MY_POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - envFrom: [] - # - secretRef: - # name: my-env-secret - resources: - limits: - cpu: 1 - requests: - cpu: 1 - annotations: {} - nodeSelector: {} - tolerations: [] - affinity: {} - volumes: - - name: log-volume - emptyDir: {} - volumeMounts: - - mountPath: /tmp/ray - name: log-volume - - -worker: - # If you want to disable the default workergroup - # uncomment the line below - # disabled: true - groupName: workergroup - replicas: 1 - type: worker - labels: - key: value - initArgs: - node-ip-address: $MY_POD_IP - redis-password: LetMeInRay - block: 'true' - containerEnv: - - name: MY_POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: RAY_DISABLE_DOCKER_CPU_WARNING - value: "1" - - name: CPU_REQUEST - valueFrom: - resourceFieldRef: - containerName: ray-worker - resource: requests.cpu - - name: MY_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - envFrom: [] - # - secretRef: - # name: my-env-secret - ports: - - containerPort: 80 - protocol: TCP - resources: - limits: - cpu: 1 - requests: - cpu: 200m - annotations: - key: value - nodeSelector: {} - tolerations: [] - affinity: {} - volumes: - - name: log-volume - emptyDir: {} - volumeMounts: - - mountPath: /tmp/ray - name: log-volume - -# The map's key is used as the groupName. -# For example, key:small-group in the map below -# will be used as the groupName -additionalWorkerGroups: - small-group: - # Disabled by default - disabled: true - replicas: 1 - miniReplicas: 1 - maxiReplicas: 3 - type: worker - labels: {} - initArgs: - node-ip-address: $MY_POD_IP - redis-password: LetMeInRay - block: 'true' - containerEnv: - - name: MY_POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: RAY_DISABLE_DOCKER_CPU_WARNING - value: "1" - - name: CPU_REQUEST - valueFrom: - resourceFieldRef: - containerName: ray-worker - resource: requests.cpu - - name: MY_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - envFrom: [] - # - secretRef: - # name: my-env-secret - ports: - - containerPort: 80 - protocol: TCP - resources: - limits: - cpu: 1 - requests: - cpu: 200m - annotations: - key: value - nodeSelector: {} - tolerations: [] - affinity: {} - volumes: - - name: log-volume - emptyDir: {} - volumeMounts: - - mountPath: /tmp/ray - name: log-volume - -headServiceSuffix: "ray-operator.svc" - -service: - type: LoadBalancer - port: 8080 diff --git a/infrastructure/helm/quantumserverless/values.yaml b/infrastructure/helm/quantumserverless/values.yaml index 2bf4b4d70..2d359562a 100644 --- a/infrastructure/helm/quantumserverless/values.yaml +++ b/infrastructure/helm/quantumserverless/values.yaml @@ -53,7 +53,6 @@ jupyter: # =================== managerEnable: true - manager: image: repository: "qiskit/quantum-serverless-manager" @@ -73,63 +72,44 @@ manager: # =================== -# Ray configs +# Ray Cluster # =================== -# RAY CLUSTER - rayClusterEnable: true - ray-cluster: + nameOverride: "kuberay" + fullnameOverride: "" + image: repository: "qiskit/quantum-serverless-ray-node" tag: "latest" pullPolicy: IfNotPresent - imagePullSecrets: [] - # - name: an-existing-secret - - nameOverride: "kuberay" - fullnameOverride: "" - head: - initArgs: + rayStartParams: dashboard-host: '0.0.0.0' - port: '6379' worker: # If you want to disable the default workergroup # uncomment the line below # disabled: true replicas: 1 - ports: - - containerPort: 80 - protocol: TCP - resources: - limits: - cpu: 1 - requests: - cpu: 200m - - headServiceSuffix: "ray-operator.svc" + type: worker service: type: ClusterIP - port: 8080 -# KUBERAY OPERATOR -rayOperatorEnable: true - -operator: - image: - repository: kuberay/operator - tag: nightly - pullPolicy: IfNotPresent +# =================== +# Kuberay Operator +# =================== +kuberayOperatorEnable: true +kuberay-operator: nameOverride: "kuberay-operator" fullnameOverride: "kuberay-operator" + rbacEnable: true ## Install Default RBAC roles and bindings rbac: create: true @@ -146,9 +126,6 @@ operator: type: ClusterIP port: 8080 - ingress: - enabled: false - livenessProbe: initialDelaySeconds: 10 periodSeconds: 5 @@ -160,4 +137,6 @@ operator: failureThreshold: 5 createCustomResource: true - rbacEnable: true + + batchScheduler: + enabled: false