diff --git a/.gitignore b/.gitignore index c4390ead3..3fe13b1da 100644 --- a/.gitignore +++ b/.gitignore @@ -36,3 +36,6 @@ operator/tests/e2e-v2-helm/ # Go releaser artifacts dist/ + +# Ignore depedencies +charts/*/charts/*.tgz diff --git a/acceptance/go.mod b/acceptance/go.mod index efb87c0ed..00610c6ed 100644 --- a/acceptance/go.mod +++ b/acceptance/go.mod @@ -157,7 +157,7 @@ require ( github.com/prometheus/procfs v0.15.1 // indirect github.com/redpanda-data/common-go/net v0.1.0 // indirect github.com/redpanda-data/console/backend v0.0.0-20240303221210-05d5d9e85f20 // indirect - github.com/redpanda-data/helm-charts v0.0.0-20241203151858-926cfe070c6e // indirect + github.com/redpanda-data/redpanda-operator/charts v0.0.0-00010101000000-000000000000 // indirect github.com/redpanda-data/redpanda/src/go/rpk v0.0.0-20240827155712-244863ea0ae8 // indirect github.com/rivo/uniseg v0.4.7 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect diff --git a/acceptance/go.sum b/acceptance/go.sum index 6c1cb2310..700514f96 100644 --- a/acceptance/go.sum +++ b/acceptance/go.sum @@ -653,8 +653,6 @@ github.com/redpanda-data/common-go/rpadmin v0.1.9 h1:X5a95P7Dc+7EaidU7dusWJyiG3e github.com/redpanda-data/common-go/rpadmin v0.1.9/go.mod h1:I7umqhnMhIOSEnIA3fvLtdQU7QO/SbWGCwFfFDs3De4= github.com/redpanda-data/console/backend v0.0.0-20240303221210-05d5d9e85f20 h1:+zsE3W1V86k2sjAGWOySIlF0xn5R1aXXQBaIdr80F48= github.com/redpanda-data/console/backend v0.0.0-20240303221210-05d5d9e85f20/go.mod h1:DC42/3+k5PefSo4IalYbDN3yRZrVFP0b69+gC/NwGd4= -github.com/redpanda-data/helm-charts v0.0.0-20241203151858-926cfe070c6e h1:UEzwEsi0nuT6qrDyDfpXjCm9DhjY4Cryj9XRPgjzpDs= -github.com/redpanda-data/helm-charts v0.0.0-20241203151858-926cfe070c6e/go.mod h1:maQmSf2TLXRGKLcDeCBO/zD+5/i+8NDNOkS2685/P9A= github.com/redpanda-data/redpanda/src/go/rpk v0.0.0-20240827155712-244863ea0ae8 h1:uTQKqF8UPNxYxKBJ11VlG6Vt2l9ctkkeXsmmjHUSUG4= github.com/redpanda-data/redpanda/src/go/rpk v0.0.0-20240827155712-244863ea0ae8/go.mod h1:97qkjcMI3gDL+y+aY/w5o0xF2qGHFof6rCXIYjnTalM= github.com/rhnvrm/simples3 v0.6.1/go.mod h1:Y+3vYm2V7Y4VijFoJHHTrja6OgPrJ2cBti8dPGkC3sA= diff --git a/operator/api/redpanda/v1alpha2/redpanda_types.go b/operator/api/redpanda/v1alpha2/redpanda_types.go index 2c261cc68..777ca82b9 100644 --- a/operator/api/redpanda/v1alpha2/redpanda_types.go +++ b/operator/api/redpanda/v1alpha2/redpanda_types.go @@ -24,9 +24,9 @@ import ( "k8s.io/client-go/rest" "k8s.io/utils/ptr" - redpandachart "github.com/redpanda-data/helm-charts/charts/redpanda" - "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" - "github.com/redpanda-data/helm-charts/pkg/kube" + redpandachart "github.com/redpanda-data/redpanda-operator/charts/redpanda" + "github.com/redpanda-data/redpanda-operator/pkg/gotohelm/helmette" + "github.com/redpanda-data/redpanda-operator/pkg/kube" "github.com/redpanda-data/redpanda-operator/operator/api/vectorized/v1alpha1" ) diff --git a/operator/api/redpanda/v1alpha2/redpanda_types_test.go b/operator/api/redpanda/v1alpha2/redpanda_types_test.go index b7c14ed86..81ef5a49d 100644 --- a/operator/api/redpanda/v1alpha2/redpanda_types_test.go +++ b/operator/api/redpanda/v1alpha2/redpanda_types_test.go @@ -28,9 +28,9 @@ import ( "pgregory.net/rapid" "sigs.k8s.io/controller-runtime/pkg/client" - "github.com/redpanda-data/helm-charts/charts/connectors" - "github.com/redpanda-data/helm-charts/charts/console" - "github.com/redpanda-data/helm-charts/charts/redpanda" + "github.com/redpanda-data/redpanda-operator/charts/connectors" + "github.com/redpanda-data/redpanda-operator/charts/console" + "github.com/redpanda-data/redpanda-operator/charts/redpanda" "github.com/redpanda-data/redpanda-operator/operator/api/apiutil" "github.com/redpanda-data/redpanda-operator/operator/api/redpanda/v1alpha2" crds "github.com/redpanda-data/redpanda-operator/operator/config/crd/bases" diff --git a/operator/config/crd/bases/crds.go b/operator/config/crd/bases/crds.go index d4ad54e79..7647362e0 100644 --- a/operator/config/crd/bases/crds.go +++ b/operator/config/crd/bases/crds.go @@ -19,7 +19,7 @@ import ( apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/runtime" - "github.com/redpanda-data/helm-charts/pkg/kube" + "github.com/redpanda-data/redpanda-operator/pkg/kube" ) var ( diff --git a/operator/go.mod b/operator/go.mod index daea6b65f..238812f60 100644 --- a/operator/go.mod +++ b/operator/go.mod @@ -30,7 +30,8 @@ require ( github.com/redpanda-data/common-go/net v0.1.0 github.com/redpanda-data/common-go/rpadmin v0.1.9 github.com/redpanda-data/console/backend v0.0.0-20240303221210-05d5d9e85f20 - github.com/redpanda-data/helm-charts v0.0.0-20241203151858-926cfe070c6e + github.com/redpanda-data/redpanda-operator/charts v0.0.0-00010101000000-000000000000 + github.com/redpanda-data/redpanda-operator/pkg v0.0.0-00010101000000-000000000000 github.com/redpanda-data/redpanda/src/go/rpk v0.0.0-20240827155712-244863ea0ae8 github.com/scalalang2/golang-fifo v1.0.2 github.com/spf13/afero v1.11.0 @@ -254,7 +255,6 @@ require ( github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-retryablehttp v0.7.5 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect - github.com/hashicorp/golang-lru/arc/v2 v2.0.7 // indirect github.com/hashicorp/hcl v1.0.1-vault-5 // indirect github.com/homeport/dyff v1.7.1 // indirect github.com/huandu/xstrings v1.4.0 // indirect @@ -299,7 +299,6 @@ require ( github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-runewidth v0.0.15 // indirect - github.com/mattn/go-sqlite3 v1.14.22 // indirect github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect github.com/miekg/pkcs11 v1.1.1 // indirect github.com/minio/md5-simd v1.1.2 // indirect @@ -444,14 +443,13 @@ require ( sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) -replace github.com/opencontainers/go-digest => github.com/opencontainers/go-digest v1.0.1-0.20230815154656-802ce17c4f59 - -replace github.com/cyphar/filepath-securejoin => github.com/cyphar/filepath-securejoin v0.2.4 - -replace github.com/fluxcd/helm-controller/shim => github.com/redpanda-data/flux-controller-shim/helm/shim v0.0.0-20231227162419-a45126310240 - -replace github.com/fluxcd/source-controller/shim => github.com/redpanda-data/flux-controller-shim/source/shim v0.0.0-20240113100428-5e301ef97b19 - -replace github.com/fluxcd/helm-controller v0.37.2 => github.com/redpanda-data/helm-controller v0.37.3-0.20240119022335-c90fadbd044e - -replace pgregory.net/rapid => github.com/chrisseto/rapid v0.0.0-20240815210052-cdeef406c65c +replace ( + github.com/cyphar/filepath-securejoin => github.com/cyphar/filepath-securejoin v0.2.4 + github.com/fluxcd/helm-controller v0.37.2 => github.com/redpanda-data/helm-controller v0.37.3-0.20240119022335-c90fadbd044e + github.com/fluxcd/helm-controller/shim => github.com/redpanda-data/flux-controller-shim/helm/shim v0.0.0-20231227162419-a45126310240 + github.com/fluxcd/source-controller/shim => github.com/redpanda-data/flux-controller-shim/source/shim v0.0.0-20240113100428-5e301ef97b19 + github.com/opencontainers/go-digest => github.com/opencontainers/go-digest v1.0.1-0.20230815154656-802ce17c4f59 + github.com/redpanda-data/redpanda-operator/charts => ../charts + github.com/redpanda-data/redpanda-operator/pkg => ../pkg + pgregory.net/rapid => github.com/chrisseto/rapid v0.0.0-20240815210052-cdeef406c65c +) diff --git a/operator/go.sum b/operator/go.sum index 842eae8b1..9ed99a504 100644 --- a/operator/go.sum +++ b/operator/go.sum @@ -1093,8 +1093,6 @@ github.com/redpanda-data/flux-controller-shim/helm/shim v0.0.0-20231227162419-a4 github.com/redpanda-data/flux-controller-shim/helm/shim v0.0.0-20231227162419-a45126310240/go.mod h1:5KLXArOMFOrwb3BihpFaRNiPCyo9AXsXhvMdUmrCdUg= github.com/redpanda-data/flux-controller-shim/source/shim v0.0.0-20240113100428-5e301ef97b19 h1:sJjDhnIbTMOuP4Rnhm1N3GNfgv6BJlocCnGliNvhgbw= github.com/redpanda-data/flux-controller-shim/source/shim v0.0.0-20240113100428-5e301ef97b19/go.mod h1:T39OECA7eOlhpHZPBSGg+bpuwtt/G4m03fjBkJ821CM= -github.com/redpanda-data/helm-charts v0.0.0-20241203151858-926cfe070c6e h1:UEzwEsi0nuT6qrDyDfpXjCm9DhjY4Cryj9XRPgjzpDs= -github.com/redpanda-data/helm-charts v0.0.0-20241203151858-926cfe070c6e/go.mod h1:maQmSf2TLXRGKLcDeCBO/zD+5/i+8NDNOkS2685/P9A= github.com/redpanda-data/helm-controller v0.37.3-0.20240119022335-c90fadbd044e h1:8HB05vSCY+0MwjT2DIVq6gJV5iw7nQNIDfMqcc1NEC8= github.com/redpanda-data/helm-controller v0.37.3-0.20240119022335-c90fadbd044e/go.mod h1:jF5kbQy3qT/zufL27DE3lecfYTRWeAzSiVmrbDDQwUw= github.com/redpanda-data/redpanda/src/go/rpk v0.0.0-20240827155712-244863ea0ae8 h1:uTQKqF8UPNxYxKBJ11VlG6Vt2l9ctkkeXsmmjHUSUG4= diff --git a/operator/internal/controller/redpanda/redpanda_controller.go b/operator/internal/controller/redpanda/redpanda_controller.go index 9bd4df829..a0da0db3c 100644 --- a/operator/internal/controller/redpanda/redpanda_controller.go +++ b/operator/internal/controller/redpanda/redpanda_controller.go @@ -45,14 +45,14 @@ import ( "github.com/redpanda-data/common-go/rpadmin" - "github.com/redpanda-data/helm-charts/charts/redpanda" - "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" - "github.com/redpanda-data/helm-charts/pkg/kube" + "github.com/redpanda-data/redpanda-operator/charts/redpanda" "github.com/redpanda-data/redpanda-operator/operator/api/redpanda/v1alpha2" "github.com/redpanda-data/redpanda-operator/operator/cmd/syncclusterconfig" internalclient "github.com/redpanda-data/redpanda-operator/operator/pkg/client" opkube "github.com/redpanda-data/redpanda-operator/operator/pkg/kube" "github.com/redpanda-data/redpanda-operator/operator/pkg/resources" + "github.com/redpanda-data/redpanda-operator/pkg/gotohelm/helmette" + "github.com/redpanda-data/redpanda-operator/pkg/kube" ) const ( diff --git a/operator/internal/controller/redpanda/redpanda_controller_test.go b/operator/internal/controller/redpanda/redpanda_controller_test.go index 221368beb..4a2ed4e2f 100644 --- a/operator/internal/controller/redpanda/redpanda_controller_test.go +++ b/operator/internal/controller/redpanda/redpanda_controller_test.go @@ -43,9 +43,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - redpandachart "github.com/redpanda-data/helm-charts/charts/redpanda" - "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" - "github.com/redpanda-data/helm-charts/pkg/kube" + redpandachart "github.com/redpanda-data/redpanda-operator/charts/redpanda" redpandav1alpha2 "github.com/redpanda-data/redpanda-operator/operator/api/redpanda/v1alpha2" crds "github.com/redpanda-data/redpanda-operator/operator/config/crd/bases" "github.com/redpanda-data/redpanda-operator/operator/internal/controller" @@ -53,6 +51,8 @@ import ( "github.com/redpanda-data/redpanda-operator/operator/internal/controller/redpanda" "github.com/redpanda-data/redpanda-operator/operator/internal/testenv" internalclient "github.com/redpanda-data/redpanda-operator/operator/pkg/client" + "github.com/redpanda-data/redpanda-operator/pkg/gotohelm/helmette" + "github.com/redpanda-data/redpanda-operator/pkg/kube" ) // operatorRBAC is the ClusterRole and Role generated via controller-gen and diff --git a/operator/internal/controller/vectorized/pvcunbinder_test.go b/operator/internal/controller/vectorized/pvcunbinder_test.go index e2ad77d7c..099406b43 100644 --- a/operator/internal/controller/vectorized/pvcunbinder_test.go +++ b/operator/internal/controller/vectorized/pvcunbinder_test.go @@ -29,8 +29,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/manager" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" - "github.com/redpanda-data/helm-charts/pkg/testutil" "github.com/redpanda-data/redpanda-operator/operator/pkg/k3d" + "github.com/redpanda-data/redpanda-operator/pkg/testutil" ) func TestPVCUnbinderShouldRemediate(t *testing.T) { diff --git a/operator/internal/decommissioning/statefulset_decommissioner_test.go b/operator/internal/decommissioning/statefulset_decommissioner_test.go index 18cff663d..0201e6d1a 100644 --- a/operator/internal/decommissioning/statefulset_decommissioner_test.go +++ b/operator/internal/decommissioning/statefulset_decommissioner_test.go @@ -31,13 +31,13 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - "github.com/redpanda-data/helm-charts/pkg/helm" - "github.com/redpanda-data/helm-charts/pkg/kube" redpandav1alpha2 "github.com/redpanda-data/redpanda-operator/operator/api/redpanda/v1alpha2" "github.com/redpanda-data/redpanda-operator/operator/internal/decommissioning" "github.com/redpanda-data/redpanda-operator/operator/internal/testenv" internalclient "github.com/redpanda-data/redpanda-operator/operator/pkg/client" "github.com/redpanda-data/redpanda-operator/operator/pkg/functional" + "github.com/redpanda-data/redpanda-operator/pkg/helm" + "github.com/redpanda-data/redpanda-operator/pkg/kube" ) //go:embed role.yaml diff --git a/operator/internal/testenv/testenv.go b/operator/internal/testenv/testenv.go index 056f1a707..d412e7feb 100644 --- a/operator/internal/testenv/testenv.go +++ b/operator/internal/testenv/testenv.go @@ -35,8 +35,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/envtest" "sigs.k8s.io/controller-runtime/pkg/metrics/server" - "github.com/redpanda-data/helm-charts/pkg/testutil" "github.com/redpanda-data/redpanda-operator/operator/pkg/k3d" + "github.com/redpanda-data/redpanda-operator/pkg/testutil" ) const k3dClusterName = "testenv" diff --git a/operator/pkg/client/cluster.go b/operator/pkg/client/cluster.go index 4791c156a..7b02ca813 100644 --- a/operator/pkg/client/cluster.go +++ b/operator/pkg/client/cluster.go @@ -14,7 +14,7 @@ import ( "github.com/twmb/franz-go/pkg/kgo" "github.com/twmb/franz-go/pkg/sr" - "github.com/redpanda-data/helm-charts/pkg/redpanda" + redpanda "github.com/redpanda-data/redpanda-operator/charts/redpanda/client" redpandav1alpha2 "github.com/redpanda-data/redpanda-operator/operator/api/redpanda/v1alpha2" ) diff --git a/operator/pkg/client/factory.go b/operator/pkg/client/factory.go index 4acc38584..ddc547b64 100644 --- a/operator/pkg/client/factory.go +++ b/operator/pkg/client/factory.go @@ -28,7 +28,7 @@ import ( rpkconfig "github.com/redpanda-data/redpanda/src/go/rpk/pkg/config" - "github.com/redpanda-data/helm-charts/pkg/redpanda" + redpanda "github.com/redpanda-data/redpanda-operator/charts/redpanda/client" redpandav1alpha2 "github.com/redpanda-data/redpanda-operator/operator/api/redpanda/v1alpha2" "github.com/redpanda-data/redpanda-operator/operator/pkg/client/acls" "github.com/redpanda-data/redpanda-operator/operator/pkg/client/schemas" diff --git a/operator/pkg/client/factory_test.go b/operator/pkg/client/factory_test.go index 94776ec67..c3d76d2fb 100644 --- a/operator/pkg/client/factory_test.go +++ b/operator/pkg/client/factory_test.go @@ -29,12 +29,12 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log" - "github.com/redpanda-data/helm-charts/pkg/helm" - "github.com/redpanda-data/helm-charts/pkg/kube" - "github.com/redpanda-data/helm-charts/pkg/testutil" redpandav1alpha2 "github.com/redpanda-data/redpanda-operator/operator/api/redpanda/v1alpha2" "github.com/redpanda-data/redpanda-operator/operator/internal/controller" "github.com/redpanda-data/redpanda-operator/operator/pkg/k3d" + "github.com/redpanda-data/redpanda-operator/pkg/helm" + "github.com/redpanda-data/redpanda-operator/pkg/kube" + "github.com/redpanda-data/redpanda-operator/pkg/testutil" ) var chartVersion = "" diff --git a/operator/pkg/client/spec_tls.go b/operator/pkg/client/spec_tls.go index b17f73f66..a3fabb335 100644 --- a/operator/pkg/client/spec_tls.go +++ b/operator/pkg/client/spec_tls.go @@ -19,7 +19,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log" - "github.com/redpanda-data/helm-charts/pkg/redpanda" + redpanda "github.com/redpanda-data/redpanda-operator/charts/redpanda/client" redpandav1alpha2 "github.com/redpanda-data/redpanda-operator/operator/api/redpanda/v1alpha2" ) diff --git a/operator/pkg/k3d/k3d.go b/operator/pkg/k3d/k3d.go index 91e74da1d..74bc346bb 100644 --- a/operator/pkg/k3d/k3d.go +++ b/operator/pkg/k3d/k3d.go @@ -35,7 +35,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/yaml" - "github.com/redpanda-data/helm-charts/pkg/kube" + "github.com/redpanda-data/redpanda-operator/pkg/kube" ) const ( diff --git a/operator/pkg/lint/lint_test.go b/operator/pkg/lint/lint_test.go index d9171d741..88fb91834 100644 --- a/operator/pkg/lint/lint_test.go +++ b/operator/pkg/lint/lint_test.go @@ -15,7 +15,7 @@ import ( "strings" "testing" - "github.com/redpanda-data/helm-charts/pkg/testutil" + "github.com/redpanda-data/redpanda-operator/pkg/testutil" ) func TestToolVersions(t *testing.T) { diff --git a/operator/work-in-progress.yaml b/operator/work-in-progress.yaml deleted file mode 100644 index 629d1574e..000000000 --- a/operator/work-in-progress.yaml +++ /dev/null @@ -1,52287 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: buckets.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: Bucket - listKind: BucketList - plural: buckets - singular: bucket - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BucketSpec defines the desired state of an S3 compatible - bucket - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: The bucket name. - type: string - endpoint: - description: The bucket endpoint address. - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. - type: boolean - interval: - description: The interval at which to check for bucket updates. - type: string - provider: - default: generic - description: The S3 compatible storage provider name, default ('generic'). - enum: - - generic - - aws - - gcp - type: string - region: - description: The bucket region. - type: string - secretRef: - description: The name of the secret containing authentication credentials - for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for download operations, defaults to 60s. - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus defines the observed state of a bucket - properties: - artifact: - description: Artifact represents the output of the last successful - Bucket sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file - (obsolete) - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the artifact output of the - last Bucket sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BucketSpec specifies the required configuration to produce - an Artifact for an object storage bucket. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: BucketName is the name of the object storage bucket. - type: string - endpoint: - description: Endpoint is the object storage address the BucketName - is located at. - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP Endpoint. - type: boolean - interval: - description: Interval at which the Bucket Endpoint is checked for - updates. This interval is approximate and may be subject to jitter - to ensure efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - prefix: - description: Prefix to use for server-side filtering of files in the - Bucket. - type: string - provider: - default: generic - description: Provider of the object storage bucket. Defaults to 'generic', - which expects an S3 (API) compatible object storage. - enum: - - generic - - aws - - gcp - - azure - type: string - region: - description: Region of the Endpoint where the BucketName is located - in. - type: string - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this Bucket. - type: boolean - timeout: - default: 60s - description: Timeout for fetch operations, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus records the observed state of a Bucket. - properties: - artifact: - description: Artifact represents the last successful Bucket reconciliation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file - (obsolete) - type: string - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Bucket object. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME - controller-gen.kubebuilder.io/version: v0.16.3 - name: clusters.redpanda.vectorized.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: webhook-service - namespace: system - path: /convert - conversionReviewVersions: - - v1 - group: redpanda.vectorized.io - names: - kind: Cluster - listKind: ClusterList - plural: clusters - singular: cluster - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Cluster is the Schema for the clusters API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ClusterSpec defines the desired state of Cluster - properties: - additionalConfiguration: - additionalProperties: - type: string - description: |- - For configuration parameters not exposed, a map can be provided for string values. - Such values are passed transparently to Redpanda. The key format is ".field", e.g., - - additionalConfiguration: - redpanda.enable_idempotence: "true" - redpanda.default_topic_partitions: "3" - pandaproxy_client.produce_batch_size_bytes: "2097152" - - Notes: - 1. versioning is not supported for map keys - 2. key names not supported by Redpanda will lead to failure on start up - 3. updating this map requires a manual restart of the Redpanda pods. Please be aware of - sync period when one Redpanda POD is restarted - 4. cannot have keys that conflict with existing struct fields - it leads to panic - - By default if Replicas is 3 or more and redpanda.default_topic_partitions is not set - default webhook is setting redpanda.default_topic_partitions to 3. - type: object - annotations: - additionalProperties: - type: string - description: If specified, Redpanda Pod annotations - type: object - cloudStorage: - description: Cloud storage configuration for cluster - properties: - accessKey: - description: Cloud storage access key - type: string - apiEndpoint: - description: API endpoint for data storage - type: string - apiEndpointPort: - description: Used to override TLS port (443) - type: integer - bucket: - description: Cloud storage bucket - type: string - cacheStorage: - description: Cache directory that will be mounted for Redpanda - properties: - capacity: - anyOf: - - type: integer - - type: string - description: Storage capacity requested - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - storageClassName: - description: Storage class name - https://kubernetes.io/docs/concepts/storage/storage-classes/ - type: string - type: object - credentialsSource: - description: |- - Determines how to load credentials for archival storage. Supported values - are config_file (default), aws_instance_metadata, sts, gcp_instance_metadata - (see the cloud_storage_credentials_source property at - https://docs.redpanda.com/docs/reference/cluster-properties/). - When using config_file then accessKey and secretKeyRef are mandatory. - type: string - disableTLS: - description: Disable TLS (can be used in tests) - type: boolean - enabled: - description: Enables data archiving feature - type: boolean - maxConnections: - description: Number of simultaneous uploads per shard (default - - 20) - type: integer - reconciliationIntervalMs: - description: Reconciliation period (default - 10s) - type: integer - region: - description: Cloud storage region - type: string - secretKeyRef: - description: |- - Reference to (Kubernetes) Secret containing the cloud storage secret key. - SecretKeyRef must contain the name and namespace of the Secret. - The Secret must contain a data entry of the form: - data[] = - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - trustfile: - description: Path to certificate that should be used to validate - server certificate - type: string - required: - - enabled - type: object - configuration: - description: Configuration represent redpanda specific configuration - properties: - additionalCommandlineArguments: - additionalProperties: - type: string - description: |- - Additional command line arguments that we pass to the redpanda binary - These are applied last and will override any other command line arguments that may be defined, - including the ones added when setting `DeveloperMode` to `true`. - type: object - adminApi: - items: - description: AdminAPI configures listener for the Redpanda Admin - API - properties: - external: - description: |- - External enables user to expose Redpanda - admin API outside of a Kubernetes cluster. For more - information please go to ExternalConnectivityConfig - properties: - bootstrapLoadBalancer: - description: Configures a load balancer for bootstrapping - properties: - annotations: - additionalProperties: - type: string - description: |- - If specified, sets the load balancer service annotations. - Example usage includes configuring the load balancer to - be an internal one through provider-specific annotations. - type: object - port: - description: The port used to communicate to the - load balancer. - type: integer - type: object - enabled: - description: Enabled enables the external connectivity - feature - type: boolean - endpointTemplate: - description: |- - EndpointTemplate is a Golang template string that allows customizing each - broker advertised address. - Redpanda uses the format BROKER_ID.SUBDOMAIN:EXTERNAL_KAFKA_API_PORT by - default for advertised addresses. When an EndpointTemplate is - provided, then the BROKER_ID part is replaced with the endpoint - computed from the template. - The following variables are available to the template: - - Index: the Redpanda broker progressive number - - HostIP: the ip address of the Node, as reported in pod status - - Common template functions from Sprig (http://masterminds.github.io/sprig/) - are also available. The set of available functions is limited to hermetic - functions because template application needs to be deterministic. - type: string - preferredAddressType: - description: |- - The preferred address type to be assigned to the external - advertised addresses. The valid types are ExternalDNS, - ExternalIP, InternalDNS, InternalIP, and Hostname. - When the address of the preferred type is not found the advertised - addresses remains empty. The default preferred address type is - ExternalIP. This option only applies when Subdomain is empty. - type: string - subdomain: - description: |- - Subdomain can be used to change the behavior of an advertised - KafkaAPI. Each broker advertises Kafka API as follows - ENDPOINT.SUBDOMAIN:EXTERNAL_KAFKA_API_PORT. - If Subdomain is empty then each broker advertises Kafka - API as PUBLIC_NODE_IP:EXTERNAL_KAFKA_API_PORT. - If TLS is enabled then this subdomain will be requested - as a subject alternative name. - type: string - type: object - port: - type: integer - tls: - description: Configuration of TLS for Admin API - properties: - clientCACertRef: - description: |- - If ClientCACertRef points to a secret containing the trusted CA certificates. - If provided and RequireClientAuth is true, the operator uses the certificate - in this secret instead of issuing client certificates. The secret is expected to provide - the following keys: 'ca.crt'. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - enabled: - type: boolean - issuerRef: - description: |- - References cert-manager Issuer or ClusterIssuer. When provided, this - issuer will be used to issue node certificates. - Typically you want to provide the issuer when a generated self-signed one - is not enough and you need to have a verifiable chain with a proper CA - certificate. - properties: - group: - description: Group of the resource being referred - to. - type: string - kind: - description: Kind of the resource being referred - to. - type: string - name: - description: Name of the resource being referred - to. - type: string - required: - - name - type: object - nodeSecretRef: - description: |- - If provided, operator uses certificate in this secret instead of - issuing its own node certificate. The secret is expected to provide - the following keys: 'ca.crt', 'tls.key' and 'tls.crt' - If NodeSecretRef points to secret in different namespace, operator will - duplicate the secret to the same namespace as redpanda CRD to be able to - mount it to the nodes. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - requireClientAuth: - type: boolean - type: object - type: object - type: array - autoCreateTopics: - description: Enable auto-creation of topics. Reference https://kafka.apache.org/documentation/#brokerconfigs_auto.create.topics.enable - type: boolean - developerMode: - type: boolean - groupTopicPartitions: - description: Number of partitions in the internal group membership - topic - type: integer - kafkaApi: - items: - description: KafkaAPI configures listener for the Kafka API - properties: - authenticationMethod: - description: |- - AuthenticationMethod can enable authentication method per Kafka - listener. Available options are: none, sasl, mtls_identity. - https://docs.redpanda.com/docs/security/authentication/ - type: string - external: - description: |- - External enables user to expose Redpanda - nodes outside of a Kubernetes cluster. For more - information please go to ExternalConnectivityConfig - properties: - bootstrapLoadBalancer: - description: Configures a load balancer for bootstrapping - properties: - annotations: - additionalProperties: - type: string - description: |- - If specified, sets the load balancer service annotations. - Example usage includes configuring the load balancer to - be an internal one through provider-specific annotations. - type: object - port: - description: The port used to communicate to the - load balancer. - type: integer - type: object - enabled: - description: Enabled enables the external connectivity - feature - type: boolean - endpointTemplate: - description: |- - EndpointTemplate is a Golang template string that allows customizing each - broker advertised address. - Redpanda uses the format BROKER_ID.SUBDOMAIN:EXTERNAL_KAFKA_API_PORT by - default for advertised addresses. When an EndpointTemplate is - provided, then the BROKER_ID part is replaced with the endpoint - computed from the template. - The following variables are available to the template: - - Index: the Redpanda broker progressive number - - HostIP: the ip address of the Node, as reported in pod status - - Common template functions from Sprig (http://masterminds.github.io/sprig/) - are also available. The set of available functions is limited to hermetic - functions because template application needs to be deterministic. - type: string - preferredAddressType: - description: |- - The preferred address type to be assigned to the external - advertised addresses. The valid types are ExternalDNS, - ExternalIP, InternalDNS, InternalIP, and Hostname. - When the address of the preferred type is not found the advertised - addresses remains empty. The default preferred address type is - ExternalIP. This option only applies when Subdomain is empty. - type: string - subdomain: - description: |- - Subdomain can be used to change the behavior of an advertised - KafkaAPI. Each broker advertises Kafka API as follows - ENDPOINT.SUBDOMAIN:EXTERNAL_KAFKA_API_PORT. - If Subdomain is empty then each broker advertises Kafka - API as PUBLIC_NODE_IP:EXTERNAL_KAFKA_API_PORT. - If TLS is enabled then this subdomain will be requested - as a subject alternative name. - type: string - type: object - port: - type: integer - tls: - description: Configuration of TLS for Kafka API - properties: - clientCACertRef: - description: |- - If ClientCACertRef points to a secret containing the trusted CA certificates. - If provided and RequireClientAuth is true, the operator uses the certificate - in this secret instead of issuing client certificates. The secret is expected to provide - the following keys: 'ca.crt'. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - enabled: - type: boolean - issuerRef: - description: |- - References cert-manager Issuer or ClusterIssuer. When provided, this - issuer will be used to issue node certificates. - Typically you want to provide the issuer when a generated self-signed one - is not enough and you need to have a verifiable chain with a proper CA - certificate. - properties: - group: - description: Group of the resource being referred - to. - type: string - kind: - description: Kind of the resource being referred - to. - type: string - name: - description: Name of the resource being referred - to. - type: string - required: - - name - type: object - nodeSecretRef: - description: |- - If provided, operator uses certificate in this secret instead of - issuing its own node certificate. The secret is expected to provide - the following keys: 'ca.crt', 'tls.key' and 'tls.crt' - If NodeSecretRef points to secret in different namespace, operator will - duplicate the secret to the same namespace as redpanda CRD to be able to - mount it to the nodes - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - requireClientAuth: - description: |- - Enables two-way verification on the server side. If enabled, all Kafka - API clients are required to have a valid client certificate. - type: boolean - type: object - type: object - type: array - pandaproxyApi: - items: - description: PandaproxyAPI configures listener for the Pandaproxy - API - properties: - authenticationMethod: - description: |- - AuthenticationMethod can enable authentication method per pandaproxy - listener. Available options are: none, http_basic. - type: string - external: - description: |- - External enables user to expose Redpanda - nodes outside of a Kubernetes cluster. For more - information please go to ExternalConnectivityConfig - properties: - bootstrapLoadBalancer: - description: Configures a load balancer for bootstrapping - properties: - annotations: - additionalProperties: - type: string - description: |- - If specified, sets the load balancer service annotations. - Example usage includes configuring the load balancer to - be an internal one through provider-specific annotations. - type: object - port: - description: The port used to communicate to the - load balancer. - type: integer - type: object - enabled: - description: Enabled enables the external connectivity - feature - type: boolean - endpointTemplate: - description: |- - EndpointTemplate is a Golang template string that allows customizing each - broker advertised address. - Redpanda uses the format BROKER_ID.SUBDOMAIN:EXTERNAL_KAFKA_API_PORT by - default for advertised addresses. When an EndpointTemplate is - provided, then the BROKER_ID part is replaced with the endpoint - computed from the template. - The following variables are available to the template: - - Index: the Redpanda broker progressive number - - HostIP: the ip address of the Node, as reported in pod status - - Common template functions from Sprig (http://masterminds.github.io/sprig/) - are also available. The set of available functions is limited to hermetic - functions because template application needs to be deterministic. - type: string - ingress: - description: Configures a ingress resource - properties: - annotations: - additionalProperties: - type: string - description: Optional annotations for the generated - ingress. - type: object - enabled: - description: Indicates if ingress is enabled (true - when unspecified). - type: boolean - endpoint: - description: If present, it's appended to the subdomain - to form the ingress hostname. - type: string - type: object - preferredAddressType: - description: |- - The preferred address type to be assigned to the external - advertised addresses. The valid types are ExternalDNS, - ExternalIP, InternalDNS, InternalIP, and Hostname. - When the address of the preferred type is not found the advertised - addresses remains empty. The default preferred address type is - ExternalIP. This option only applies when Subdomain is empty. - type: string - subdomain: - description: |- - Subdomain can be used to change the behavior of an advertised - KafkaAPI. Each broker advertises Kafka API as follows - ENDPOINT.SUBDOMAIN:EXTERNAL_KAFKA_API_PORT. - If Subdomain is empty then each broker advertises Kafka - API as PUBLIC_NODE_IP:EXTERNAL_KAFKA_API_PORT. - If TLS is enabled then this subdomain will be requested - as a subject alternative name. - type: string - type: object - port: - type: integer - tls: - description: Configuration of TLS for Pandaproxy API - properties: - clientCACertRef: - description: |- - If ClientCACertRef points to a secret containing the trusted CA certificates. - If provided and RequireClientAuth is true, the operator uses the certificate - in this secret instead of issuing client certificates. The secret is expected to provide - the following keys: 'ca.crt'. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - enabled: - type: boolean - issuerRef: - description: |- - References cert-manager Issuer or ClusterIssuer. When provided, this - issuer will be used to issue node certificates. - Typically you want to provide the issuer when a generated self-signed one - is not enough and you need to have a verifiable chain with a proper CA - certificate. - properties: - group: - description: Group of the resource being referred - to. - type: string - kind: - description: Kind of the resource being referred - to. - type: string - name: - description: Name of the resource being referred - to. - type: string - required: - - name - type: object - nodeSecretRef: - description: |- - If provided, operator uses certificate in this secret instead of - issuing its own node certificate. The secret is expected to provide - the following keys: 'ca.crt', 'tls.key' and 'tls.crt' - If NodeSecretRef points to secret in different namespace, operator will - duplicate the secret to the same namespace as redpanda CRD to be able to - mount it to the nodes - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - requireClientAuth: - description: |- - Enables two-way verification on the server side. If enabled, all - Pandaproxy API clients are required to have a valid client certificate. - type: boolean - type: object - type: object - type: array - rpcServer: - description: SocketAddress provide the way to configure the port - properties: - port: - type: integer - type: object - schemaRegistry: - description: SchemaRegistryAPI configures the schema registry - API - properties: - authenticationMethod: - description: |- - AuthenticationMethod can enable authentication method per schema registry - listener. Available options are: none, http_basic. - type: string - external: - description: |- - External enables user to expose Redpanda - nodes outside of a Kubernetes cluster. For more - information please go to ExternalConnectivityConfig - properties: - bootstrapLoadBalancer: - description: Configures a load balancer for bootstrapping - properties: - annotations: - additionalProperties: - type: string - description: |- - If specified, sets the load balancer service annotations. - Example usage includes configuring the load balancer to - be an internal one through provider-specific annotations. - type: object - port: - description: The port used to communicate to the load - balancer. - type: integer - type: object - enabled: - description: Enabled enables the external connectivity - feature - type: boolean - endpoint: - description: |- - Indicates the global endpoint that (together with subdomain), should be - advertised for schema registry. - type: string - endpointTemplate: - description: |- - EndpointTemplate is a Golang template string that allows customizing each - broker advertised address. - Redpanda uses the format BROKER_ID.SUBDOMAIN:EXTERNAL_KAFKA_API_PORT by - default for advertised addresses. When an EndpointTemplate is - provided, then the BROKER_ID part is replaced with the endpoint - computed from the template. - The following variables are available to the template: - - Index: the Redpanda broker progressive number - - HostIP: the ip address of the Node, as reported in pod status - - Common template functions from Sprig (http://masterminds.github.io/sprig/) - are also available. The set of available functions is limited to hermetic - functions because template application needs to be deterministic. - type: string - preferredAddressType: - description: |- - The preferred address type to be assigned to the external - advertised addresses. The valid types are ExternalDNS, - ExternalIP, InternalDNS, InternalIP, and Hostname. - When the address of the preferred type is not found the advertised - addresses remains empty. The default preferred address type is - ExternalIP. This option only applies when Subdomain is empty. - type: string - staticNodePort: - description: Indicates that the node port for the service - needs not to be generated. - type: boolean - subdomain: - description: |- - Subdomain can be used to change the behavior of an advertised - KafkaAPI. Each broker advertises Kafka API as follows - ENDPOINT.SUBDOMAIN:EXTERNAL_KAFKA_API_PORT. - If Subdomain is empty then each broker advertises Kafka - API as PUBLIC_NODE_IP:EXTERNAL_KAFKA_API_PORT. - If TLS is enabled then this subdomain will be requested - as a subject alternative name. - type: string - type: object - port: - description: |- - Port will set the schema registry listener port in Redpanda - configuration. - If not set the default will be 8081 - type: integer - tls: - description: TLS is the configuration for schema registry - properties: - clientCACertRef: - description: |- - If ClientCACertRef points to a secret containing the trusted CA certificates. - If provided and RequireClientAuth is true, the operator uses the certificate - in this secret instead of issuing client certificates. The secret is expected to provide - the following keys: 'ca.crt'. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - enabled: - type: boolean - issuerRef: - description: |- - References cert-manager Issuer or ClusterIssuer. When provided, this - issuer will be used to issue node certificates. - Typically you want to provide the issuer when a generated self-signed one - is not enough and you need to have a verifiable chain with a proper CA - certificate. - properties: - group: - description: Group of the resource being referred - to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - required: - - name - type: object - nodeSecretRef: - description: |- - If provided, operator uses certificate in this secret instead of - issuing its own node certificate. The secret is expected to provide - the following keys: 'ca.crt', 'tls.key' and 'tls.crt' - If NodeSecretRef points to secret in different namespace, operator will - duplicate the secret to the same namespace as redpanda CRD to be able to - mount it to the nodes - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - requireClientAuth: - description: |- - Enables two-way verification on the server side. If enabled, all SchemaRegistry - clients are required to have a valid client certificate. - type: boolean - type: object - required: - - port - type: object - type: object - dnsTrailingDotDisabled: - description: |- - DNSTrailingDotDisabled gives ability to turn off the fully-qualified - DNS name. - http://www.dns-sd.org/trailingdotsindomainnames.html - type: boolean - enableSasl: - description: |- - SASL enablement flag - Deprecated: replaced by "kafkaEnableAuthorization" - type: boolean - image: - description: Image is the fully qualified name of the Redpanda container - type: string - initialValidationForVolume: - description: |- - When InitialValidationForVolume is enabled the mounted Redpanda data folder - will be checked if: - - it is dir - - it has XFS file system - - it can create test file and delete it - type: boolean - kafkaEnableAuthorization: - description: |- - Enable authorization for Kafka connections. Values are: - - - `nil`: Ignored. Authorization is enabled with `enable_sasl: true` - - - `true`: authorization is required - - - `false`: authorization is disabled; - - See also `enableSasl` and `configuration.kafkaApi[].authenticationMethod` - type: boolean - licenseRef: - description: If key is not provided in the SecretRef, Secret data - should have key "license" - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - nodePools: - description: |- - NodePools runs a StatefulSet for every NodePool. All these produce pods, - that join the cluster, but are steered independently (especially replica - count). - items: - description: |- - NodePoolSpec defines a NodePool. NodePools have their own: - NodeSelector, so they can be scheduled on specific cloud provider Node Pools. - Storage, as different NodePools may have different disk shapes. - Replicas, so they can be controlled independently - Resources, because this is tied strongly to the actual machine shape backing the NodePool. - properties: - additionalCommandlineArguments: - additionalProperties: - type: string - description: |- - Additional command line arguments that we pass to the redpanda binary - These are applied last and will override any other command line arguments that may be defined, - including the ones added when setting `DeveloperMode` to `true`. - type: object - cloudCacheStorage: - description: Cache directory that will be mounted for Cloud - Storage. - properties: - capacity: - anyOf: - - type: integer - - type: string - description: Storage capacity requested - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - storageClassName: - description: Storage class name - https://kubernetes.io/docs/concepts/storage/storage-classes/ - type: string - type: object - hostIndexOffset: - description: |- - HostIndexOffset is an additional offset on top of the host index - which - is practically the pod ordinal. - This makes it possible to have PrivateLink separate port ranges per NodePool. - type: integer - name: - description: Name of the NodePool. Must be unique, and must - not be "default". - minLength: 3 - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - If specified, Redpanda Pod node selectors. For reference please visit - https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node - type: object - replicas: - description: Replicas determine how big the node pool will be. - format: int32 - minimum: 0 - type: integer - resources: - description: |- - Resources used by redpanda process running in container. Beware that - there are multiple containers running in the redpanda pod and these can - be enabled/disabled and configured from the `sidecars` field. These - containers have separate resources settings and the amount of resources - assigned to these containers will be required on the cluster on top of - the resources defined here - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - redpanda: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Redpanda describes the amount of compute resources passed to redpanda. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - storage: - description: Storage spec for cluster - properties: - capacity: - anyOf: - - type: integer - - type: string - description: Storage capacity requested - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - storageClassName: - description: Storage class name - https://kubernetes.io/docs/concepts/storage/storage-classes/ - type: string - type: object - tolerations: - description: If specified, Redpanda Pod tolerations - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - required: - - cloudCacheStorage - - name - - resources - - storage - type: object - type: array - nodeSelector: - additionalProperties: - type: string - description: |- - If specified, Redpanda Pod node selectors. For reference please visit - https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node - type: object - podDisruptionBudget: - description: |- - PodDisruptionBudget specifies whether PDB resource should be created for - the cluster and how should it be configured. By default this is enabled - and defaults to MaxUnavailable=1 - properties: - enabled: - description: Enabled specifies whether PDB should be generated - for the cluster. It defaults to true - type: boolean - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - This property defaults to 1. - you can read more in https://kubernetes.io/docs/tasks/run-application/configure-pdb/ - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". This is a mutually exclusive setting with "maxUnavailable". - you can read more in https://kubernetes.io/docs/tasks/run-application/configure-pdb/ - x-kubernetes-int-or-string: true - type: object - priorityClassName: - description: PriorityClassName is used to set the PodSpec.PriorityClassName - of the redpanda Statefulset. - type: string - replicas: - description: Replicas determine how big the cluster will be. - format: int32 - minimum: 0 - type: integer - resources: - description: |- - Resources used by redpanda process running in container. Beware that - there are multiple containers running in the redpanda pod and these can - be enabled/disabled and configured from the `sidecars` field. These - containers have separate resources settings and the amount of resources - assigned to these containers will be required on the cluster on top of - the resources defined here - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - redpanda: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Redpanda describes the amount of compute resources passed to redpanda. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - restartConfig: - description: RestartConfig allows to control the behavior of the cluster - when restarting - properties: - disableMaintenanceModeHooks: - description: DisableMaintenanceModeHooks deactivates the preStop - and postStart hooks that force nodes to enter maintenance mode - when stopping and exit maintenance mode when up again - type: boolean - underReplicatedPartitionThreshold: - description: |- - UnderReplicatedPartitionThreshold controls when rolling update will continue with - restarts. The procedure can be described as follows: - - 1. Rolling update checks if Pod specification needs to be replaced and deletes it - 2. Deleted Redpanda Pod is put into maintenance mode (postStart hook will disable - maintenance mode when new Pod starts) - 3. Rolling update waits for Pod to be in Ready state - 4. Rolling update checks if cluster is in healthy state - 5. Rolling update checks if restarted Redpanda Pod admin API Ready endpoint returns HTTP 200 response - 6. Using UnderReplicatedPartitionThreshold each under replicated partition metric is compared with the threshold - 7. Rolling update moves to the next Redpanda pod - - The metric `vectorized_cluster_partition_under_replicated_replicas` is used in the comparison - - Mentioned metrics has the following help description: - `vectorized_cluster_partition_under_replicated_replicas` Number of under replicated replicas - - By default, the UnderReplicatedPartitionThreshold will be 0, which means all partitions needs to catch up without any lag. - type: integer - type: object - serviceAccount: - description: The name of the ServiceAccount to be used by the Redpanda - pods - type: string - sidecars: - description: Sidecars is list of sidecars run alongside redpanda container - properties: - rpkStatus: - description: |- - RpkStatus is sidecar running rpk status collecting status information - from the running node - properties: - enabled: - description: Enabled if false, the sidecar won't be added - to the pod running redpanda node - type: boolean - resources: - description: |- - Resources are resource requirements and limits for the container running - this sidecar. For the default sidecars this is defaulted - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - type: object - storage: - description: Storage spec for cluster - properties: - capacity: - anyOf: - - type: integer - - type: string - description: Storage capacity requested - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - storageClassName: - description: Storage class name - https://kubernetes.io/docs/concepts/storage/storage-classes/ - type: string - type: object - superUsers: - description: List of superusers - items: - description: Superuser has full access to the Redpanda cluster - properties: - username: - type: string - required: - - username - type: object - type: array - tolerations: - description: If specified, Redpanda Pod tolerations - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - version: - description: Version is the Redpanda container tag - type: string - type: object - status: - description: ClusterStatus defines the observed state of Cluster - properties: - conditions: - description: Current state of the cluster. - items: - description: ClusterCondition contains details for the current conditions - of the cluster - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another - format: date-time - type: string - message: - description: Human-readable message indicating details about - last transition - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition - type: string - status: - description: Status is the status of the condition - type: string - type: - description: Type is the type of the condition - enum: - - ClusterConfigured - - OperatorQuiescent - type: string - required: - - status - - type - type: object - type: array - currentReplicas: - description: CurrentReplicas is the number of Pods that the controller - currently wants to run for the cluster. - format: int32 - type: integer - decommissioningNode: - description: Indicates that a node is currently being decommissioned - from the cluster and provides its ordinal number - format: int32 - type: integer - nodePools: - additionalProperties: - description: NodePoolStatus describes the status of the NodePool. - properties: - currentReplicas: - format: int32 - type: integer - readyReplicas: - format: int32 - type: integer - replicas: - format: int32 - type: integer - restarting: - description: Indicates that a nodePool's pods are restarting. - type: boolean - required: - - currentReplicas - - readyReplicas - - replicas - type: object - description: Every NodePool has its own status. - type: object - nodes: - description: Nodes of the provisioned redpanda nodes - properties: - external: - items: - type: string - type: array - externalAdmin: - items: - type: string - type: array - externalBootstrap: - description: |- - LoadBalancerStatus reports the load balancer status as generated - by the load balancer core service - properties: - ingress: - description: |- - Ingress is a list containing ingress points for the load-balancer. - Traffic intended for the service should be sent to these ingress points. - items: - description: |- - LoadBalancerIngress represents the status of a load-balancer ingress point: - traffic intended for the service should be sent to an ingress point. - properties: - hostname: - description: |- - Hostname is set for load-balancer ingress points that are DNS based - (typically AWS load-balancers) - type: string - ip: - description: |- - IP is set for load-balancer ingress points that are IP based - (typically GCE or OpenStack load-balancers) - type: string - ipMode: - description: |- - IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. - Setting this to "VIP" indicates that traffic is delivered to the node with - the destination set to the load-balancer's IP and port. - Setting this to "Proxy" indicates that traffic is delivered to the node or pod with - the destination set to the node's IP and node port or the pod's IP and port. - Service implementations may use this information to adjust traffic routing. - type: string - ports: - description: |- - Ports is a list of records of service ports - If used, every port defined in the service should have an entry in it - items: - properties: - error: - description: |- - Error is to record the problem with the service port - The format of the error shall comply with the following rules: - - built-in error values shall be specified in this file and those shall use - CamelCase names - - cloud provider specific error values must have names that comply with the - format foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - port: - description: Port is the port number of the service - port of which status is recorded here - format: int32 - type: integer - protocol: - description: |- - Protocol is the protocol of the service port of which status is recorded here - The supported values are: "TCP", "UDP", "SCTP" - type: string - required: - - error - - port - - protocol - type: object - type: array - x-kubernetes-list-type: atomic - type: object - type: array - x-kubernetes-list-type: atomic - type: object - externalPandaproxy: - items: - type: string - type: array - internal: - items: - type: string - type: array - pandaproxyIngress: - type: string - schemaRegistry: - description: |- - SchemaRegistryStatus reports addresses where schema registry - can be reached - properties: - external: - description: |- - External address should be registered in DNS provider using - all public IP of a nodes that Redpanda is scheduled on. - - The External is empty when subdomain is not provided. - type: string - externalNodeIPs: - description: |- - ExternalNodeIPs is only filled when the Schema Registry - external connectivity feature flag is enabled, but the subdomain is - empty. This gives user ability to register all addresses individually - in DNS provider of choice. - items: - type: string - type: array - internal: - type: string - type: object - type: object - observedGeneration: - description: If set, this represents the .metadata.generation that - was observed by the controller. - format: int64 - type: integer - readyReplicas: - description: ReadyReplicas is the number of Pods belonging to the - cluster that have a Ready Condition. - format: int32 - type: integer - replicas: - description: Replicas show how many nodes have been created for the - cluster - format: int32 - type: integer - restarting: - description: Indicates that a cluster is restarting due to an upgrade - or a different reason - type: boolean - upgrading: - description: |- - Indicates cluster is upgrading. - Deprecated: replaced by "restarting" - type: boolean - version: - description: Current version of the cluster. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME - controller-gen.kubebuilder.io/version: v0.16.3 - name: consoles.redpanda.vectorized.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: webhook-service - namespace: system - path: /convert - conversionReviewVersions: - - v1 - group: redpanda.vectorized.io - names: - kind: Console - listKind: ConsoleList - plural: consoles - singular: console - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Console is the Schema for the consoles API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - ConsoleSpec defines the desired state of Console - Most of the fields here are copied from Console config - REF https://github.com/redpanda-data/console/blob/master/backend/pkg/api/config.go - properties: - cloud: - description: |- - Cloud contains configurations for Redpanda cloud. If you're running a - self-hosted installation, you can ignore this - properties: - prometheusEndpoint: - description: |- - PrometheusEndpointConfig configures the Prometheus endpoint that shall be - exposed in Redpanda Cloud so that users can scrape this URL to - collect their dataplane's metrics in their own time-series database. - properties: - basicAuth: - description: |- - BasicAuthConfig are credentials that will be required by the user in order to - scrape the endpoint - properties: - passwordRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - REF https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - username: - type: string - required: - - passwordRef - - username - type: object - enabled: - type: boolean - prometheus: - description: PrometheusConfig is configuration of prometheus - instance - properties: - address: - description: Address to Prometheus endpoint - type: string - jobs: - description: |- - Jobs is the list of Prometheus Jobs that we want to discover so that we - can then scrape the discovered targets ourselves. - items: - description: |- - PrometheusScraperJobConfig is the configuration object that determines what Prometheus - targets we should scrape. - properties: - jobName: - description: JobName refers to the Prometheus job - name whose discovered targets we want to scrape - type: string - keepLabels: - description: |- - KeepLabels is a list of label keys that are added by Prometheus when scraping - the target and should remain for all metrics as exposed to the Prometheus endpoint. - items: - type: string - type: array - required: - - jobName - - keepLabels - type: object - type: array - targetRefreshInterval: - default: 10s - type: string - required: - - address - - jobs - type: object - responseCacheDuration: - default: 1s - format: duration - type: string - scrapeTargetTimeout: - default: 15s - format: duration - type: string - required: - - enabled - - prometheus - type: object - redpandaConnect: - description: RedpandaConnect is the configuration for Redpanda - Connect in Redpanda Cloud. - properties: - address: - description: |- - Address to Redpanda Connect Cloud API service endpoint - (e.g. "redpanda-connect-api.redpanda-connect.svc.cluster.local:8080") - type: string - enabled: - type: boolean - type: object - required: - - prometheusEndpoint - type: object - clusterRef: - description: The referenced Redpanda Cluster - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - connect: - description: Connect defines configurable fields for Kafka Connect - properties: - clusters: - items: - description: ConnectCluster defines configurable fields for - the Kafka Connect cluster - properties: - basicAuthRef: - description: |- - BasicAuthRef configures basic auth credentials referenced by Secret - Expects to have keys "username", "password" - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - name: - type: string - tls: - description: TLS configures mTLS auth - properties: - enabled: - type: boolean - insecureSkipTlsVerify: - type: boolean - secretKeyRef: - description: |- - SecretKeyRef configures certificate used for mTLS auth referenced by Secret - Expects to have keys "tls.crt", "tls.key", "ca.crt" - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - type: object - tokenRef: - description: |- - TokenRef configures token header auth referenced by Secret - Expects to have key "token" - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - url: - type: string - required: - - name - - url - type: object - type: array - connectTimeout: - default: 15s - format: duration - type: string - enabled: - type: boolean - readTimeout: - default: 60s - format: duration - type: string - requestTimeout: - default: 6s - format: duration - type: string - type: object - console: - description: |- - Console contains all configuration options for features that are generic, - such as enabling API endpoints. - properties: - api: - description: |- - ConsoleAPI declares the configuration properties for managing the - connect/grpc/grpc-gateway API endpoints. - properties: - enabled: - default: true - description: |- - Enabled determines whether any of the connect/grpc/grpc-gateway endpoints - will be mounted to the server. - type: boolean - enabledProcedures: - default: - - '*' - description: |- - EnabledProcedures is a list of procedure names that shall be allowed. - If a procedure is called that is not on this list a descriptive error - will be returned. A procedure name has the following format, regardless - whether it's called via connect, gRPC or the HTTP interface: - "/redpanda.api.dataplane.v1alpha1.UserService/ListUsers". - You can use "*" to enable all procedures. - items: - type: string - type: array - required: - - enabled - - enabledProcedures - type: object - type: object - deployment: - description: Deployment defines configurable fields for the Console - Deployment resource - properties: - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for if/when to pull - a container image - type: string - imagePullSecrets: - description: Specifies credentials for a private image repository. - For details, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/. - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - maxSurge: - default: 1 - format: int32 - type: integer - maxUnavailable: - default: 0 - format: int32 - type: integer - replicas: - default: 1 - format: int32 - type: integer - resources: - description: |- - Resources are the [corev1.ResourceRequirements] that are passed, verbatim, to the console Deployment. - See: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - required: - - image - type: object - enterprise: - description: Enterprise defines configurable fields for features that - require license - properties: - rbac: - description: Console uses role-based access control (RBAC) to - restrict system access to authorized users - properties: - enabled: - type: boolean - roleBindingsRef: - description: |- - RoleBindingsRef is the ConfigMap that contains the RBAC file - The ConfigMap should contain "rbac.yaml" key - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - required: - - enabled - - roleBindingsRef - type: object - required: - - rbac - type: object - ingress: - description: Ingress contains configuration for the Console ingress. - properties: - annotations: - additionalProperties: - type: string - description: Optional annotations for the generated ingress. - type: object - enabled: - description: Indicates if ingress is enabled (true when unspecified). - type: boolean - endpoint: - description: If present, it's appended to the subdomain to form - the ingress hostname. - type: string - type: object - licenseRef: - description: |- - If you don't provide an enterprise license, Console ignores configurations for enterprise features - REF https://docs.redpanda.com/docs/console/reference/config/ - If key is not provided in the SecretRef, Secret data should have key "license" - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - login: - description: |- - Login contains all configurations in order to protect Console with a login screen - Configure one or more of the below identity providers in order to support SSO - This feature requires an Enterprise license - REF https://docs.redpanda.com/docs/console/single-sign-on/identity-providers/google/ - properties: - enabled: - type: boolean - google: - description: EnterpriseLoginGoogle defines configurable fields - for Google provider - properties: - clientCredentialsRef: - description: |- - ClientCredentials is the Secret that contains SSO credentials - The Secret should contain keys "clientId", "clientSecret" - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - directory: - description: Use Google groups in your RBAC role bindings. - properties: - serviceAccountRef: - description: |- - ServiceAccountRef is the ConfigMap that contains the Google Service Account json - The ConfigMap should contain "sa.json" key - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - targetPrincipal: - description: TargetPrincipal is the user that shall be - impersonated by the service account - type: string - required: - - serviceAccountRef - - targetPrincipal - type: object - enabled: - type: boolean - required: - - clientCredentialsRef - - enabled - type: object - jwtSecretRef: - description: |- - JWTSecret is the Secret that is used to sign and encrypt the JSON Web tokens that are used by the backend for session management - If not provided, the default key is "jwt" - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - redpandaCloud: - description: EnterpriseLoginRedpandaCloud defines configurable - fields for RedpandaCloud SSO provider - properties: - allowedOrigins: - description: AllowedOrigins indicates if response is allowed - from given origin - items: - type: string - type: array - audience: - description: Audience is the domain where this auth is intended - for - type: string - domain: - description: Domain is the domain of the auth server - type: string - enabled: - type: boolean - orgId: - description: |- - OrgID refers to the Redpanda Cloud organization id that Console is running in. - If the OrgID is set, Console will ensure that incoming requests will only pass - if the provided access token matches this org id in the custom claims. - type: string - required: - - audience - - domain - - enabled - type: object - required: - - enabled - - jwtSecretRef - type: object - metricsNamespace: - default: console - description: Prefix for all exported prometheus metrics - type: string - redpanda: - description: Redpanda contains configurations that are Redpanda specific - properties: - adminApi: - description: RedpandaAdmin defines API configuration that enables - additional features that are Redpanda specific - properties: - enabled: - type: boolean - required: - - enabled - type: object - type: object - schema: - description: Schema defines configurable fields for Schema Registry - properties: - enabled: - type: boolean - refreshInterval: - default: 1m - format: duration - type: string - useSchemaRegistryCA: - description: |- - Indication on whether to use the schema registry CA as trust when connecting to the schema registry. - If not set, the public CAs will be used. - type: boolean - required: - - enabled - type: object - secretStore: - description: SecretStore contains the configuration for the cloud - provider secret manager - properties: - awsSecretManager: - description: SecretManagerAWS is the configuration object for - using Amazon's secret manager. - properties: - AWSCredentialsRef: - description: |- - AWSCredentialsRef refers to Kubernetes secret where AWS access key id and secret access key - is taken and used as environments variable - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - enabled: - description: |- - Enabled is whether AWS secret manager is enabled. Only one store - can be enabled at a time. - type: boolean - kmsKeyId: - description: |- - KmsKeyID is the ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt - the secret value in the secret. - - To use a KMS key in a different account, use the key ARN or the alias ARN. - - If you don't specify this value, then Secrets Manager uses the key aws/secretsmanager. - If that key doesn't yet exist, then Secrets Manager creates it for you automatically - the first time it encrypts the secret value. - - If the secret is in a different Amazon Web Services account from the credentials - calling the API, then you can't use aws/secretsmanager to encrypt the secret, - and you must create and use a customer managed KMS key. - type: string - region: - description: |- - Region in which service is deployed so that related resources like - secrets are put to the same region - type: string - serviceAccountRoleARNAnnotation: - description: |- - ServiceAccountRoleARNAnnotation will be included in the Service Account definition. - That Kubernetes Service Account will be used in Kubernetes Deployment Spec of Console - Ref https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html - type: string - tags: - additionalProperties: - type: string - description: |- - Tags is a list of tags to attach to the secret. Each tag is a key and value a pair - of strings in a JSON text string, for example: - - [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}] - - Secrets Manager tag key names are case sensitive. A tag with the key "ABC" - is a different tag from one with key "abc". - - Tags can be used for permissions, so that you can namespace your secrets within a - single secret store. Console will also only allow the deletion of secrets that - posses the configured tags. - Tags default to: - "owner": "console" - type: object - required: - - enabled - - region - type: object - enabled: - type: boolean - gcpSecretManager: - description: SecretManagerGCP is the configuration object for - using Google Cloud's secret manager. - properties: - credentialsSecretRef: - description: |- - CredentialsSecretRef points to Kubernetes secret where service account - will be mounted to Console and used to authenticate again GCP API. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - enabled: - description: |- - Enabled is whether GCP secret manager is enabled. Only one store - can be enabled at a time. - type: boolean - labels: - additionalProperties: - type: string - description: |- - Labels help you to organize your project, add arbitrary labels as key/value - pairs to your resources. Use labels to indicate different environments, - services, teams, and so on. Console may use additional labels for each secret. - - Use a label with key "owner" to namespace secrets within a secret manager. - This label will always be set for the creation and listing of all secrets. - If you change the value after secrets have been created, Console will no - longer return them and consider them as managed by another application. - The owner label is optional but recommended. - - Labels default to: - "owner": "console" - type: object - projectId: - description: ProjectID is the GCP project in which to store - the secrets. - type: string - serviceAccountNameAnnotation: - description: |- - ServiceAccountNameAnnotation will be included in the Service Account definition. - That Kubernetes Service Account will be used in Kubernetes Deployment Spec of Console - Ref https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity - type: string - required: - - enabled - - projectId - type: object - kafkaConnect: - description: |- - SecretStoreKafkaConnect is a configuration block that specifies - what configured Kafka connect clusters support loading secrets from - the configured secret store. The frontend will only store sensitive - connector configurations in the secret store if the respective - kafka connect cluster is listed in this configuration. - properties: - clusters: - description: |- - Clusters is the list of Kafka connect clusters - which the secret store shall be used for. - items: - description: |- - SecretStoreKafkaConnectCluster configures the Kafka connect clusters - that support loading secrets from the configured secret store. - properties: - name: - description: |- - Name refers to the Kafka connect cluster name that has been - given in the connect configuration. This name must match some - cluster name or the configuration will be rejected. - type: string - secretNamePrefixAppend: - description: |- - SecretNamePrefixAppend is an optional string that shall be appended - to the global secretNamePrefix. This config is helpful if you want - to use a specific prefix for secrets belonging to this Kafka connect - cluster. You may want to do this if you want to restrict the - permissions for the kafka connect workers reading these secrets. - - Example: - secretstore.secretNamePrefix is set to: "redpanda/prod/" - secretstore.kafkaConnect.clusters.dwh.secretNamePrefixAppend is set to: "dwh/" - => Secrets will be created with the prefix "redpanda/prod/dwh/" so that - you can apply special iam permissions in your cloud account. - type: string - required: - - name - - secretNamePrefixAppend - type: object - type: array - enabled: - type: boolean - required: - - clusters - - enabled - type: object - scopes: - description: Scopes is a list of supported secret scopes - items: - type: string - type: array - secretNamePrefix: - description: |- - SecretNamePrefix is the prefix that shall be used for each secret name - that will be stored. The prefix is used for namespacing your secrets, - so that one secret store can be used by multiple tenants. - For AWS it's common to use a path-like structure whereas GCP does not - allow slashes. - - Examples: - AWS: redpanda/analytics/prod/console/ - GCP: redpanda-analytics-prod-console- - - Changing this prefix won't let you access secrets created under - a different prefix. - type: string - required: - - enabled - - secretNamePrefix - type: object - serveFrontend: - default: true - description: Only relevant for developers, who might want to run the - frontend separately - type: boolean - server: - description: |- - Server is the Console app HTTP server config - REF https://github.com/cloudhut/common/blob/b601d681e8599cee4255899def813142c0218e8b/rest/config.go - properties: - basePath: - description: Sets the subpath (root prefix) under which Kowl is - reachable. If you want to host Kowl under 'your.domain.com/kowl/' - you'd set the base path to 'kowl/'. The default is an empty - string which makes Kowl reachable under just 'domain.com/'. - When using this setting (or letting the 'X-Forwarded-Prefix' - header set it for you) remember to either leave 'strip-prefix' - enabled, or use a proxy that can strip the base-path/prefix - before it reaches Kowl. - type: string - compressionLevel: - default: 4 - description: 'Compression level applied to all http responses. - Valid values are: 0-9 (0=completely disable compression middleware, - 1=weakest compression, 9=best compression)' - type: integer - gracefulShutdownTimeout: - default: 30s - description: Timeout for graceful shutdowns - format: duration - type: string - idleTimeout: - default: 30s - description: Idle timeout for HTTP server - format: duration - type: string - listenAddress: - description: HTTP server listen address - type: string - listenPort: - default: 8080 - description: HTTP server listen port - type: integer - readTimeout: - default: 30s - description: Read timeout for HTTP server - format: duration - type: string - setBasePathFromXForwardedPrefix: - default: true - description: server.set-base-path-from-x-forwarded-prefix", true, - "When set to true, Kowl will use the 'X-Forwarded-Prefix' header - as the base path. (When enabled the 'base-path' setting won't - be used) - type: boolean - stripPrefix: - default: true - description: If a base-path is set (either by the 'base-path' - setting, or by the 'X-Forwarded-Prefix' header), they will be - removed from the request url. You probably want to leave this - enabled, unless you are using a proxy that can remove the prefix - automatically (like Traefik's 'StripPrefix' option) - type: boolean - writeTimeout: - default: 30s - description: Write timeout for HTTP server - format: duration - type: string - type: object - serviceAccount: - description: The name of the ServiceAccount to be used by the Redpanda - pods - type: string - required: - - clusterRef - - connect - - deployment - - schema - type: object - status: - description: ConsoleStatus defines the observed state of Console - properties: - availableReplicas: - description: Total number of available pods (ready for at least minReadySeconds) - targeted by this deployment. - format: int32 - type: integer - clusterGeneration: - description: The generation of the Repanda cluster - format: int64 - type: integer - configMapRef: - description: |- - The ConfigMap used by Console - This is used to pass the ConfigMap used to mount in the Deployment Resource since Ensure() only returns error - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - connectivity: - description: Connectivity defines internal/external hosts - properties: - external: - type: string - internal: - type: string - type: object - observedGeneration: - description: The generation observed by the controller - format: int64 - type: integer - readyReplicas: - description: readyReplicas is the number of pods targeted by this - Deployment with a Ready Condition. - format: int32 - type: integer - replicas: - description: Total number of non-terminated pods targeted by this - deployment (their labels match the selector). - format: int32 - type: integer - unavailableReplicas: - description: |- - Total number of unavailable pods targeted by this deployment. This is the total number of - pods that are still required for the deployment to have 100% available capacity. They may - either be pods that are running but not yet available or pods that still have not been created. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated pods targeted by this - deployment that have the desired template spec. - format: int32 - type: integer - version: - description: Current version of the cluster. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: gitrepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: GitRepository - listKind: GitRepositoryList - plural: gitrepositories - shortNames: - - gitrepo - singular: gitrepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GitRepositorySpec specifies the required configuration to - produce an Artifact for a Git repository. - properties: - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - include: - description: Include specifies a list of GitRepository resources which - Artifacts should be included in the Artifact produced for this GitRepository. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - interval: - description: Interval at which the GitRepository URL is checked for - updates. This interval is approximate and may be subject to jitter - to ensure efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - proxySecretRef: - description: ProxySecretRef specifies the Secret containing the proxy - configuration to use while communicating with the Git server. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules - within the GitRepository as cloned from the URL, using their default - settings. - type: boolean - ref: - description: Reference specifies the Git reference to resolve and - monitor for changes, defaults to the 'master' branch. - properties: - branch: - description: Branch to check out, defaults to 'master' if no other - field is defined. - type: string - commit: - description: "Commit SHA to check out, takes precedence over all - reference fields. \n This can be combined with Branch to shallow - clone the branch, in which the commit is expected to exist." - type: string - name: - description: "Name of the reference to check out; takes precedence - over Branch, Tag and SemVer. \n It must be a valid Git reference: - https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", - \"refs/merge-requests/1/head\"" - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the GitRepository. For HTTPS repositories the Secret - must contain 'username' and 'password' fields for basic auth or - 'bearerToken' field for token auth. For SSH repositories the Secret - must contain 'identity' and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verification specifies the configuration to verify the - Git commit signature(s). - properties: - mode: - default: HEAD - description: "Mode specifies which Git object(s) should be verified. - \n The variants \"head\" and \"HEAD\" both imply the same thing, - i.e. verify the commit that the HEAD of the Git repository points - to. The variant \"head\" solely exists to ensure backwards compatibility." - enum: - - head - - HEAD - - Tag - - TagAndHEAD - type: string - secretRef: - description: SecretRef specifies the Secret containing the public - keys of trusted Git authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - secretRef - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully - included Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of - ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI - annotations. - type: object - path: - description: Path is the relative file path of the Artifact. - It can be used to locate the file in the root of the Artifact - storage on the local file system of the controller managing - the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the GitRepository object. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedInclude: - description: ObservedInclude is the observed list of GitRepository - resources used to produce the current Artifact. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. - type: boolean - sourceVerificationMode: - description: SourceVerificationMode is the last used verification - mode indicating which Git object(s) have been verified. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 GitRepository is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GitRepositorySpec defines the desired state of a Git repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: Determines which git client library to use. Defaults - to go-git, valid values are ('go-git', 'libgit2'). - enum: - - go-git - - libgit2 - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - include: - description: Extra git repositories to map into the repository - items: - description: GitRepositoryInclude defines a source with a from and - to path. - properties: - fromPath: - description: The path to copy contents from, defaults to the - root directory. - type: string - repository: - description: Reference to a GitRepository to include. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: The path to copy contents to, defaults to the name - of the source ref. - type: string - required: - - repository - type: object - type: array - interval: - description: The interval at which to check for repository updates. - type: string - recurseSubmodules: - description: When enabled, after the clone is created, initializes - all submodules within, using their default settings. This option - is available only when using the 'go-git' GitImplementation. - type: boolean - ref: - description: The Git reference to checkout and monitor for changes, - defaults to master branch. - properties: - branch: - description: The Git branch to checkout, defaults to master. - type: string - commit: - description: The Git commit SHA to checkout, if specified Tag - filters will be ignored. - type: string - semver: - description: The Git tag semver expression, takes precedence over - Tag. - type: string - tag: - description: The Git tag to checkout, takes precedence over Branch. - type: string - type: object - secretRef: - description: The secret name containing the Git credentials. For HTTPS - repositories the secret must contain username and password fields. - For SSH repositories the secret must contain identity and known_hosts - fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote Git operations like cloning, defaults - to 60s. - type: string - url: - description: The repository URL, can be a HTTP/S or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verify OpenPGP signature for the Git commit HEAD points - to. - properties: - mode: - description: Mode describes what git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: The secret name containing the public keys of all - trusted Git authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - mode - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus defines the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file - (obsolete) - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - includedArtifacts: - description: IncludedArtifacts represents the included artifacts from - the last successful repository sync. - items: - description: Artifact represents the output of a source synchronisation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact - file (obsolete) - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the artifact output of the - last repository sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 GitRepository is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GitRepositorySpec specifies the required configuration to - produce an Artifact for a Git repository. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: 'GitImplementation specifies which Git client library - implementation to use. Defaults to ''go-git'', valid values are - (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated - now that ''go-git'' is the only supported implementation.' - enum: - - go-git - - libgit2 - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - include: - description: Include specifies a list of GitRepository resources which - Artifacts should be included in the Artifact produced for this GitRepository. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - interval: - description: Interval at which to check the GitRepository for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules - within the GitRepository as cloned from the URL, using their default - settings. - type: boolean - ref: - description: Reference specifies the Git reference to resolve and - monitor for changes, defaults to the 'master' branch. - properties: - branch: - description: Branch to check out, defaults to 'master' if no other - field is defined. - type: string - commit: - description: "Commit SHA to check out, takes precedence over all - reference fields. \n This can be combined with Branch to shallow - clone the branch, in which the commit is expected to exist." - type: string - name: - description: "Name of the reference to check out; takes precedence - over Branch, Tag and SemVer. \n It must be a valid Git reference: - https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", - \"refs/merge-requests/1/head\"" - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the GitRepository. For HTTPS repositories the Secret - must contain 'username' and 'password' fields for basic auth or - 'bearerToken' field for token auth. For SSH repositories the Secret - must contain 'identity' and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verification specifies the configuration to verify the - Git commit signature(s). - properties: - mode: - description: Mode specifies what Git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: SecretRef specifies the Secret containing the public - keys of trusted Git authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - mode - - secretRef - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations - related to the content of the source artifact: - .spec.ignore - - .spec.recurseSubmodules - .spec.included and the checksum of the - included artifacts observed in .status.observedGeneration version - of the object. This can be used to determine if the content of the - included repository has changed. It has the format of `:`, - for example: `sha256:`. \n Deprecated: Replaced with explicit - fields for observed artifact content config in the status." - type: string - includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully - included Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of - ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI - annotations. - type: object - path: - description: Path is the relative file path of the Artifact. - It can be used to locate the file in the root of the Artifact - storage on the local file system of the controller managing - the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the GitRepository object. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedInclude: - description: ObservedInclude is the observed list of GitRepository - resources used to to produce the current Artifact. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. - type: boolean - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: helmcharts.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: HelmChart - listKind: HelmChartList - plural: helmcharts - shortNames: - - hc - singular: helmchart - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmChartSpec defines the desired state of a Helm chart. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: The name or path the Helm chart is available at in the - SourceRef. - type: string - interval: - description: The interval at which to check the Source for updates. - type: string - reconcileStrategy: - default: ChartVersion - description: Determines what enables the creation of a new artifact. - Valid values are ('ChartVersion', 'Revision'). See the documentation - of the values for an explanation on their behavior. Defaults to - ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The reference to the Source the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent, valid values are ('HelmRepository', - 'GitRepository', 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - valuesFile: - description: Alternative values file to use as the default chart values, - expected to be a relative path in the SourceRef. Deprecated in favor - of ValuesFiles, for backwards compatibility the file defined here - is merged before the ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: Alternative list of values files to use as the chart - values (values.yaml is not included by default), expected to be - a relative path in the SourceRef. Values files are merged in the - order of this list with the last file overriding the first. Ignored - when omitted. - items: - type: string - type: array - version: - default: '*' - description: The chart version semver expression, ignored for charts - from GitRepository and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus defines the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - chart sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file - (obsolete) - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last chart pulled. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmChartSpec specifies the desired state of a Helm chart. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: Chart is the name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: Interval at which the HelmChart SourceRef is checked - for updates. This interval is approximate and may be subject to - jitter to ensure efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: ReconcileStrategy determines what enables the creation - of a new artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their - behavior. Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: SourceRef is the reference to the Source the chart is - available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent, valid values are ('HelmRepository', - 'GitRepository', 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this source. - type: boolean - valuesFile: - description: ValuesFile is an alternative values file to use as the - default chart values, expected to be a relative path in the SourceRef. - Deprecated in favor of ValuesFiles, for backwards compatibility - the file specified here is merged before the ValuesFiles items. - Ignored when omitted. - type: string - valuesFiles: - description: ValuesFiles is an alternative list of values files to - use as the chart values (values.yaml is not included by default), - expected to be a relative path in the SourceRef. Values files are - merged in the order of this list with the last file overriding the - first. Ignored when omitted. - items: - type: string - type: array - verify: - description: Verify contains the secret name containing the trusted - public keys used to verify the signature and specifies which provider - to use to check whether OCI image is authentic. This field is only - supported when using HelmRepository source with spec.type 'oci'. - Chart dependencies, which are not bundled in the umbrella chart - artifact, are not verified. - properties: - matchOIDCIdentity: - description: MatchOIDCIdentity specifies the identity matching - criteria to use while verifying an OCI artifact which was signed - using Cosign keyless signing. The artifact's identity is deemed - to be verified if any of the specified matchers match against - the identity. - items: - description: OIDCIdentityMatch specifies options for verifying - the certificate identity, i.e. the issuer and the subject - of the certificate. - properties: - issuer: - description: Issuer specifies the regex pattern to match - against to verify the OIDC issuer in the Fulcio certificate. - The pattern must be a valid Go regular expression. - type: string - subject: - description: Subject specifies the regex pattern to match - against to verify the identity subject in the Fulcio certificate. - The pattern must be a valid Go regular expression. - type: string - required: - - issuer - - subject - type: object - type: array - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret containing - the trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: Version is the chart version semver expression, ignored - for charts from GitRepository and Bucket sources. Defaults to latest - when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus records the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - reconciliation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file - (obsolete) - type: string - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedChartName: - description: ObservedChartName is the last observed chart name as - specified by the resolved chart reference. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the HelmChart object. - format: int64 - type: integer - observedSourceArtifactRevision: - description: ObservedSourceArtifactRevision is the last observed Artifact.Revision - of the HelmChartSpec.SourceRef. - type: string - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: helmreleases.helm.toolkit.fluxcd.io -spec: - group: helm.toolkit.fluxcd.io - names: - kind: HelmRelease - listKind: HelmReleaseList - plural: helmreleases - shortNames: - - hr - singular: helmrelease - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2beta2 - name: v2beta1 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: Chart defines the template of the v1beta2.HelmChart that - should be created for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' - type: object - type: object - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: Interval at which to check the v1beta2.Source - for updates. Defaults to 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: Determines what enables the creation of a new - artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on - their behavior. Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1beta2.Source - the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFile: - description: Alternative values file to use as the default - chart values, expected to be a relative path in the SourceRef. - Deprecated in favor of ValuesFiles, for backwards compatibility - the file defined here is merged before the ValuesFiles items. - Ignored when omitted. - type: string - valuesFiles: - description: Alternative list of values files to use as the - chart values (values.yaml is not included by default), expected - to be a relative path in the SourceRef. Values files are - merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: Verify contains the secret name containing the - trusted public keys used to verify the signature and specifies - which provider to use to check whether OCI image is authentic. - This field is only supported for OCI sources. Chart dependencies, - which are not bundled in the umbrella chart artifact, are - not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret - containing the trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: Version semver expression, ignored for charts - from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults - to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference - slice with references to HelmRelease resources that must be ready - before this HelmRelease can be reconciled. - items: - description: NamespacedObjectReference contains enough information - to locate the referenced Kubernetes resource object in any namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - driftDetection: - description: "DriftDetection holds the configuration for detecting - and handling differences between the manifest in the Helm storage - and the resources currently existing in the cluster. \n Note: this - field is provisional to the v2beta2 API, and not actively used by - v2beta1 HelmReleases." - properties: - ignore: - description: Ignore contains a list of rules for specifying which - changes to ignore during diffing. - items: - description: IgnoreRule defines a rule to selectively disregard - specific changes during the drift detection process. - properties: - paths: - description: Paths is a list of JSON Pointer (RFC 6901) - paths to be excluded from consideration in a Kubernetes - object. - items: - type: string - type: array - target: - description: Target is a selector for specifying Kubernetes - objects to which this rule applies. If Target is not set, - the Paths will be ignored for all Kubernetes objects within - the manifest of the Helm release. - properties: - annotationSelector: - description: AnnotationSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select resources - from. Together with Version and Kind it is capable - of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is capable - of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select resources - from. Together with Group and Kind it is capable of - unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - paths - type: object - type: array - mode: - description: Mode defines how differences should be handled between - the Helm manifest and the manifest currently applied to the - cluster. If not explicitly set, it defaults to DiffModeDisabled. - enum: - - enabled - - warn - - disabled - type: string - type: object - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Create` - and if omitted CRDs are installed but not updated. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are applied (installed) during Helm install action. With this - option users can opt-in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: CreateNamespace tells the Helm install action to - create the HelmReleaseSpec.TargetNamespace if it does not exist - yet. On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm install has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm install has been performed. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm install action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an install - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false'. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - an uninstall, is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: Replace tells the Helm install action to re-use the - 'ReleaseName', but only if that name is a deleted release which - remains in the history. - type: boolean - skipCRDs: - description: "SkipCRDs tells the Helm install action to not install - any CRDs. By default, CRDs are installed if not already present. - \n Deprecated use CRD policy (`crds`) attribute with value `Skip` - instead." - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. This - interval is approximate and may be subject to jitter to ensure efficient - use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote - cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at - the target cluster. If the --default-service-account flag is set, - its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: SecretRef holds the name of a secret that contains - a key with the kubeconfig file as the value. If no key is set, - the key will default to 'value'. It is recommended that the - kubeconfig is self-contained, and the secret is regularly updated - if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries - and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: MaxHistory is the number of revisions saved by Helm for - this HelmRelease. Use '0' for an unlimited number of revisions; - defaults to '10'. - type: integer - persistentClient: - description: "PersistentClient tells the controller to use a persistent - Kubernetes client for this release. When enabled, the client will - be reused for the duration of the reconciliation, instead of being - created and destroyed for each (step of a) Helm action. \n This - can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed - to be available by e.g. post-install hooks. \n If not set, it defaults - to true." - type: boolean - postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which - will be applied in order of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: Images is a list of (image name, new name, - new tag or digest) for changing image names, tags or digests. - This can also be achieved with a patch, but this operator - is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: Digest is the value used to replace the - original image tag. If digest is present NewTag - value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: Strategic merge and JSON patches, defined as - inline YAML objects, capable of targeting objects based - on kind, label and annotation selectors. - items: - description: Patch contains an inline StrategicMerge or - JSON6902 patch, and the target the patch should be applied - to. - properties: - patch: - description: Patch contains an inline StrategicMerge - patch or an inline JSON6902 patch with an array - of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. - items: - description: JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: From contains a JSON-pointer value - that references a location within the target - document where the operation is performed. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. - type: string - op: - description: Op indicates the operation to perform. - Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: Path contains the JSON-pointer - value that references a location within the - target document where the operation is performed. - The meaning of the value depends on the value - of Op. - type: string - value: - description: Value contains a valid JSON structure. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline - YAML objects. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: ReleaseName used for the Helm release. Defaults to a - composition of '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm rollback has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - type: string - storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults - to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: Suspend tells the controller to suspend reconciliation - for this HelmRelease, it does not apply to already started reconciliations. - Defaults to false. - type: boolean - targetNamespace: - description: TargetNamespace to target when performing operations - for the HelmRelease. Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: Enable enables Helm test actions for this HelmRelease - after an Helm install or upgrade action has been performed. - type: boolean - ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation - when the Helm tests are run but fail. Can be overwritten for - tests run after install or upgrade actions in 'Install.IgnoreTestFailures' - and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation during the performance of a Helm test action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a Helm - action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: DeletionPropagation specifies the deletion propagation - policy when a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables waiting for all the resources - to be deleted after a Helm uninstall is performed. - type: boolean - keepHistory: - description: KeepHistory tells Helm to remove all associated resources - and mark the release as deleted, but retain the release history. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm upgrade action when it fails. - type: boolean - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and - if omitted CRDs are neither installed nor upgraded. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are not applied during Helm upgrade action. With this option - users can opt-in to CRD upgrade, which is not (yet) natively - supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm upgrade has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: PreserveValues will make Helm reuse the last release's - values and merge in overrides from 'Values'. Setting this flag - makes the HelmRelease non-declarative. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm upgrade action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an upgrade - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - 'Strategy', is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: ValuesFrom holds references to resources containing Helm - values for this HelmRelease, and information about how they should - be merged. - items: - description: ValuesReference contains a reference to a resource - containing Helm values, and optionally the key they can be found - at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the values referent. Should reside in the - same namespace as the referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: Optional marks this ValuesReference as optional. - When set, a not found error for the values reference is ignored, - but any ValuesKey, TargetPath or transient error will still - result in a reconciliation failure. - type: boolean - targetPath: - description: TargetPath is the YAML dot notation path the value - should be merged at. When set, the ValuesKey is expected to - be a single flat value. Defaults to 'None', which results - in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: ValuesKey is the data key where the values.yaml - or a specific value can be found at. Defaults to 'values.yaml'. - When set, must be a valid Data Key, consisting of alphanumeric - characters, '-', '_' or '.'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - chart - - interval - type: object - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: Failures is the reconciliation failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: HelmChart is the namespaced name of the HelmChart resource - created by the controller for the HelmRelease. - type: string - history: - description: "History holds the history of Helm releases performed - for this HelmRelease up to the last successfully completed release. - \n Note: this field is provisional to the v2beta2 API, and not actively - used by v2beta1 HelmReleases." - items: - description: Snapshot captures a point-in-time copy of the status - information for a Helm release, as managed by the controller. - properties: - apiVersion: - description: 'APIVersion is the API version of the Snapshot. - Provisional: when the calculation method of the Digest field - is changed, this field will be used to distinguish between - the old and new methods.' - type: string - chartName: - description: ChartName is the chart name of the release object - in storage. - type: string - chartVersion: - description: ChartVersion is the chart version of the release - object in storage. - type: string - configDigest: - description: ConfigDigest is the checksum of the config (better - known as "values") of the release object in storage. It has - the format of `:`. - type: string - deleted: - description: Deleted is when the release was deleted. - format: date-time - type: string - digest: - description: Digest is the checksum of the release object in - storage. It has the format of `:`. - type: string - firstDeployed: - description: FirstDeployed is when the release was first deployed. - format: date-time - type: string - lastDeployed: - description: LastDeployed is when the release was last deployed. - format: date-time - type: string - name: - description: Name is the name of the release. - type: string - namespace: - description: Namespace is the namespace the release is deployed - to. - type: string - status: - description: Status is the current state of the release. - type: string - testHooks: - additionalProperties: - description: TestHookStatus holds the status information for - a test hook as observed to be run by the controller. - properties: - lastCompleted: - description: LastCompleted is the time the test hook last - completed. - format: date-time - type: string - lastStarted: - description: LastStarted is the time the test hook was - last started. - format: date-time - type: string - phase: - description: Phase the test hook was observed to be in. - type: string - type: object - description: TestHooks is the list of test hooks for the release - as observed to be run by the controller. - type: object - version: - description: Version is the version of the release object in - storage. - type: integer - required: - - chartName - - chartVersion - - configDigest - - digest - - firstDeployed - - lastDeployed - - name - - namespace - - status - - version - type: object - type: array - installFailures: - description: InstallFailures is the install failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully - applied source. - type: string - lastAttemptedConfigDigest: - description: "LastAttemptedConfigDigest is the digest for the config - (better known as \"values\") of the last reconciliation attempt. - \n Note: this field is provisional to the v2beta2 API, and not actively - used by v2beta1 HelmReleases." - type: string - lastAttemptedGeneration: - description: "LastAttemptedGeneration is the last generation the controller - attempted to reconcile. \n Note: this field is provisional to the - v2beta2 API, and not actively used by v2beta1 HelmReleases." - format: int64 - type: integer - lastAttemptedReleaseAction: - description: "LastAttemptedReleaseAction is the last release action - performed for this HelmRelease. It is used to determine the active - remediation strategy. \n Note: this field is provisional to the - v2beta2 API, and not actively used by v2beta1 HelmReleases." - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the - values of the last reconciliation attempt. - type: string - lastHandledForceAt: - description: "LastHandledForceAt holds the value of the most recent - force request value, so a change of the annotation value can be - detected. \n Note: this field is provisional to the v2beta2 API, - and not actively used by v2beta1 HelmReleases." - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastHandledResetAt: - description: "LastHandledResetAt holds the value of the most recent - reset request value, so a change of the annotation value can be - detected. \n Note: this field is provisional to the v2beta2 API, - and not actively used by v2beta1 HelmReleases." - type: string - lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful - Helm release. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - storageNamespace: - description: "StorageNamespace is the namespace of the Helm release - storage for the current release. \n Note: this field is provisional - to the v2beta2 API, and not actively used by v2beta1 HelmReleases." - type: string - upgradeFailures: - description: UpgradeFailures is the upgrade failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v2beta2 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: Chart defines the template of the v1beta2.HelmChart that - should be created for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' - type: object - type: object - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - maxLength: 2048 - minLength: 1 - type: string - interval: - description: Interval at which to check the v1.Source for - updates. Defaults to 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: Determines what enables the creation of a new - artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on - their behavior. Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1.Source the chart - is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFile: - description: Alternative values file to use as the default - chart values, expected to be a relative path in the SourceRef. - Deprecated in favor of ValuesFiles, for backwards compatibility - the file defined here is merged before the ValuesFiles items. - Ignored when omitted. - type: string - valuesFiles: - description: Alternative list of values files to use as the - chart values (values.yaml is not included by default), expected - to be a relative path in the SourceRef. Values files are - merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: Verify contains the secret name containing the - trusted public keys used to verify the signature and specifies - which provider to use to check whether OCI image is authentic. - This field is only supported for OCI sources. Chart dependencies, - which are not bundled in the umbrella chart artifact, are - not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret - containing the trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: Version semver expression, ignored for charts - from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults - to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference - slice with references to HelmRelease resources that must be ready - before this HelmRelease can be reconciled. - items: - description: NamespacedObjectReference contains enough information - to locate the referenced Kubernetes resource object in any namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - driftDetection: - description: DriftDetection holds the configuration for detecting - and handling differences between the manifest in the Helm storage - and the resources currently existing in the cluster. - properties: - ignore: - description: Ignore contains a list of rules for specifying which - changes to ignore during diffing. - items: - description: IgnoreRule defines a rule to selectively disregard - specific changes during the drift detection process. - properties: - paths: - description: Paths is a list of JSON Pointer (RFC 6901) - paths to be excluded from consideration in a Kubernetes - object. - items: - type: string - type: array - target: - description: Target is a selector for specifying Kubernetes - objects to which this rule applies. If Target is not set, - the Paths will be ignored for all Kubernetes objects within - the manifest of the Helm release. - properties: - annotationSelector: - description: AnnotationSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select resources - from. Together with Version and Kind it is capable - of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is capable - of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select resources - from. Together with Group and Kind it is capable of - unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - paths - type: object - type: array - mode: - description: Mode defines how differences should be handled between - the Helm manifest and the manifest currently applied to the - cluster. If not explicitly set, it defaults to DiffModeDisabled. - enum: - - enabled - - warn - - disabled - type: string - type: object - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Create` - and if omitted CRDs are installed but not updated. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are applied (installed) during Helm install action. With this - option users can opt in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: CreateNamespace tells the Helm install action to - create the HelmReleaseSpec.TargetNamespace if it does not exist - yet. On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm install has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm install has been performed. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm install action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an install - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false'. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - an uninstall, is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: Replace tells the Helm install action to re-use the - 'ReleaseName', but only if that name is a deleted release which - remains in the history. - type: boolean - skipCRDs: - description: "SkipCRDs tells the Helm install action to not install - any CRDs. By default, CRDs are installed if not already present. - \n Deprecated use CRD policy (`crds`) attribute with value `Skip` - instead." - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote - cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at - the target cluster. If the --default-service-account flag is set, - its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: SecretRef holds the name of a secret that contains - a key with the kubeconfig file as the value. If no key is set, - the key will default to 'value'. It is recommended that the - kubeconfig is self-contained, and the secret is regularly updated - if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries - and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: MaxHistory is the number of revisions saved by Helm for - this HelmRelease. Use '0' for an unlimited number of revisions; - defaults to '5'. - type: integer - persistentClient: - description: "PersistentClient tells the controller to use a persistent - Kubernetes client for this release. When enabled, the client will - be reused for the duration of the reconciliation, instead of being - created and destroyed for each (step of a) Helm action. \n This - can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed - to be available by e.g. post-install hooks. \n If not set, it defaults - to true." - type: boolean - postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which - will be applied in order of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: Images is a list of (image name, new name, - new tag or digest) for changing image names, tags or digests. - This can also be achieved with a patch, but this operator - is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: Digest is the value used to replace the - original image tag. If digest is present NewTag - value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: Strategic merge and JSON patches, defined as - inline YAML objects, capable of targeting objects based - on kind, label and annotation selectors. - items: - description: Patch contains an inline StrategicMerge or - JSON6902 patch, and the target the patch should be applied - to. - properties: - patch: - description: Patch contains an inline StrategicMerge - patch or an inline JSON6902 patch with an array - of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: 'JSON 6902 patches, defined as inline YAML - objects. Deprecated: use Patches instead.' - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. - items: - description: JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: From contains a JSON-pointer value - that references a location within the target - document where the operation is performed. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. - type: string - op: - description: Op indicates the operation to perform. - Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: Path contains the JSON-pointer - value that references a location within the - target document where the operation is performed. - The meaning of the value depends on the value - of Op. - type: string - value: - description: Value contains a valid JSON structure. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: 'Strategic merge patches, defined as inline - YAML objects. Deprecated: use Patches instead.' - items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: ReleaseName used for the Helm release. Defaults to a - composition of '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm rollback has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - maxLength: 253 - minLength: 1 - type: string - storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults - to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: Suspend tells the controller to suspend reconciliation - for this HelmRelease, it does not apply to already started reconciliations. - Defaults to false. - type: boolean - targetNamespace: - description: TargetNamespace to target when performing operations - for the HelmRelease. Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: Enable enables Helm test actions for this HelmRelease - after an Helm install or upgrade action has been performed. - type: boolean - filters: - description: Filters is a list of tests to run or exclude from - running. - items: - description: Filter holds the configuration for individual Helm - test filters. - properties: - exclude: - description: Exclude specifies whether the named test should - be excluded. - type: boolean - name: - description: Name is the name of the test. - maxLength: 253 - minLength: 1 - type: string - required: - - name - type: object - type: array - ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation - when the Helm tests are run but fail. Can be overwritten for - tests run after install or upgrade actions in 'Install.IgnoreTestFailures' - and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation during the performance of a Helm test action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a Helm - action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: DeletionPropagation specifies the deletion propagation - policy when a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables waiting for all the resources - to be deleted after a Helm uninstall is performed. - type: boolean - keepHistory: - description: KeepHistory tells Helm to remove all associated resources - and mark the release as deleted, but retain the release history. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm upgrade action when it fails. - type: boolean - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and - if omitted CRDs are neither installed nor upgraded. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are not applied during Helm upgrade action. With this option - users can opt-in to CRD upgrade, which is not (yet) natively - supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm upgrade has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: PreserveValues will make Helm reuse the last release's - values and merge in overrides from 'Values'. Setting this flag - makes the HelmRelease non-declarative. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm upgrade action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an upgrade - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - 'Strategy', is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: ValuesFrom holds references to resources containing Helm - values for this HelmRelease, and information about how they should - be merged. - items: - description: ValuesReference contains a reference to a resource - containing Helm values, and optionally the key they can be found - at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the values referent. Should reside in the - same namespace as the referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: Optional marks this ValuesReference as optional. - When set, a not found error for the values reference is ignored, - but any ValuesKey, TargetPath or transient error will still - result in a reconciliation failure. - type: boolean - targetPath: - description: TargetPath is the YAML dot notation path the value - should be merged at. When set, the ValuesKey is expected to - be a single flat value. Defaults to 'None', which results - in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: ValuesKey is the data key where the values.yaml - or a specific value can be found at. Defaults to 'values.yaml'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - chart - - interval - type: object - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: Failures is the reconciliation failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: HelmChart is the namespaced name of the HelmChart resource - created by the controller for the HelmRelease. - type: string - history: - description: History holds the history of Helm releases performed - for this HelmRelease up to the last successfully completed release. - items: - description: Snapshot captures a point-in-time copy of the status - information for a Helm release, as managed by the controller. - properties: - apiVersion: - description: 'APIVersion is the API version of the Snapshot. - Provisional: when the calculation method of the Digest field - is changed, this field will be used to distinguish between - the old and new methods.' - type: string - chartName: - description: ChartName is the chart name of the release object - in storage. - type: string - chartVersion: - description: ChartVersion is the chart version of the release - object in storage. - type: string - configDigest: - description: ConfigDigest is the checksum of the config (better - known as "values") of the release object in storage. It has - the format of `:`. - type: string - deleted: - description: Deleted is when the release was deleted. - format: date-time - type: string - digest: - description: Digest is the checksum of the release object in - storage. It has the format of `:`. - type: string - firstDeployed: - description: FirstDeployed is when the release was first deployed. - format: date-time - type: string - lastDeployed: - description: LastDeployed is when the release was last deployed. - format: date-time - type: string - name: - description: Name is the name of the release. - type: string - namespace: - description: Namespace is the namespace the release is deployed - to. - type: string - status: - description: Status is the current state of the release. - type: string - testHooks: - additionalProperties: - description: TestHookStatus holds the status information for - a test hook as observed to be run by the controller. - properties: - lastCompleted: - description: LastCompleted is the time the test hook last - completed. - format: date-time - type: string - lastStarted: - description: LastStarted is the time the test hook was - last started. - format: date-time - type: string - phase: - description: Phase the test hook was observed to be in. - type: string - type: object - description: TestHooks is the list of test hooks for the release - as observed to be run by the controller. - type: object - version: - description: Version is the version of the release object in - storage. - type: integer - required: - - chartName - - chartVersion - - configDigest - - digest - - firstDeployed - - lastDeployed - - name - - namespace - - status - - version - type: object - type: array - installFailures: - description: InstallFailures is the install failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: 'LastAppliedRevision is the revision of the last successfully - applied source. Deprecated: the revision can now be found in the - History.' - type: string - lastAttemptedConfigDigest: - description: LastAttemptedConfigDigest is the digest for the config - (better known as "values") of the last reconciliation attempt. - type: string - lastAttemptedGeneration: - description: LastAttemptedGeneration is the last generation the controller - attempted to reconcile. - format: int64 - type: integer - lastAttemptedReleaseAction: - description: LastAttemptedReleaseAction is the last release action - performed for this HelmRelease. It is used to determine the active - remediation strategy. - enum: - - install - - upgrade - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the Source revision of the last - reconciliation attempt. - type: string - lastAttemptedValuesChecksum: - description: 'LastAttemptedValuesChecksum is the SHA1 checksum for - the values of the last reconciliation attempt. Deprecated: Use LastAttemptedConfigDigest - instead.' - type: string - lastHandledForceAt: - description: LastHandledForceAt holds the value of the most recent - force request value, so a change of the annotation value can be - detected. - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastHandledResetAt: - description: LastHandledResetAt holds the value of the most recent - reset request value, so a change of the annotation value can be - detected. - type: string - lastReleaseRevision: - description: 'LastReleaseRevision is the revision of the last successful - Helm release. Deprecated: Use History instead.' - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - storageNamespace: - description: StorageNamespace is the namespace of the Helm release - storage for the current release. - maxLength: 63 - minLength: 1 - type: string - upgradeFailures: - description: UpgradeFailures is the upgrade failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: helmrepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: HelmRepository - listKind: HelmRepositoryList - plural: helmrepositories - shortNames: - - helmrepo - singular: helmrepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmRepositorySpec defines the reference to a Helm repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef - to be passed on to a host that does not match the host as defined - in URL. This may be required if the host of the advertised chart - URLs in the index differ from the defined URL. Enabling this should - be done with caution, as it can potentially result in credentials - getting stolen in a MITM-attack. - type: boolean - secretRef: - description: The name of the secret containing authentication credentials - for the Helm repository. For HTTP/S basic auth the secret must contain - username and password fields. For TLS the secret must contain a - certFile and keyFile, and/or caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout of index downloading, defaults to 60s. - type: string - url: - description: The Helm repository URL, a valid URL contains at least - a protocol and host. - type: string - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus defines the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file - (obsolete) - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last index fetched. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmRepositorySpec specifies the required configuration to - produce an Artifact for a Helm repository index YAML. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing - either or both of \n - a PEM-encoded client certificate (`tls.crt`) - and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) - \n and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed - server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. - \n It takes precedence over the values specified in the Secret referred - to by `.spec.secretRef`." - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - insecure: - description: Insecure allows connecting to a non-TLS HTTP container - registry. This field is only taken into account if the .spec.type - field is set to 'oci'. - type: boolean - interval: - description: Interval at which the HelmRepository URL is checked for - updates. This interval is approximate and may be subject to jitter - to ensure efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef - to be passed on to a host that does not match the host as defined - in URL. This may be required if the host of the advertised chart - URLs in the index differ from the defined URL. Enabling this should - be done with caution, as it can potentially result in credentials - getting stolen in a MITM-attack. - type: boolean - provider: - default: generic - description: Provider used for authentication, can be 'aws', 'azure', - 'gcp' or 'generic'. This field is optional, and only taken into - account if the .spec.type field is set to 'oci'. When not specified, - defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the HelmRepository. For HTTP/S basic auth the secret - must contain 'username' and 'password' fields. Support for TLS auth - using the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated. - Please use `.spec.certSecretRef` instead. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this HelmRepository. - type: boolean - timeout: - default: 60s - description: Timeout is used for the index fetch operation for an - HTTPS helm repository, and for remote OCI Repository operations - like pulling for an OCI helm chart by the associated HelmChart. - Its default value is 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type of the HelmRepository. When this field is set to "oci", - the URL field value must be prefixed with "oci://". - enum: - - default - - oci - type: string - url: - description: URL of the Helm repository, a valid URL contains at least - a protocol and host. - pattern: ^(http|https|oci)://.*$ - type: string - required: - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus records the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the last successful HelmRepository - reconciliation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file - (obsolete) - type: string - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the HelmRepository object. - format: int64 - type: integer - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: ocirepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: OCIRepository - listKind: OCIRepositoryList - plural: ocirepositories - shortNames: - - ocirepo - singular: ocirepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta2 - schema: - openAPIV3Schema: - description: OCIRepository is the Schema for the ocirepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OCIRepositorySpec defines the desired state of OCIRepository - properties: - certSecretRef: - description: "CertSecretRef can be given the name of a Secret containing - either or both of \n - a PEM-encoded client certificate (`tls.crt`) - and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) - \n and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed - server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. - \n Note: Support for the `caFile`, `certFile` and `keyFile` keys - have been deprecated." - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP container - registry. - type: boolean - interval: - description: Interval at which the OCIRepository URL is checked for - updates. This interval is approximate and may be subject to jitter - to ensure efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - layerSelector: - description: LayerSelector specifies which layer should be extracted - from the OCI artifact. When not specified, the first layer found - in the artifact is selected. - properties: - mediaType: - description: MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The first layer - matching this type is selected. - type: string - operation: - description: Operation specifies how the selected layer should - be processed. By default, the layer compressed content is extracted - to storage. When the operation is set to 'copy', the layer compressed - content is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - provider: - default: generic - description: The provider used for authentication, can be 'aws', 'azure', - 'gcp' or 'generic'. When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - ref: - description: The OCI reference to pull and monitor for changes, defaults - to the latest tag. - properties: - digest: - description: Digest is the image digest to pull, takes precedence - over SemVer. The value should be in the format 'sha256:'. - type: string - semver: - description: SemVer is the range of tags to pull selecting the - latest within the range, takes precedence over Tag. - type: string - tag: - description: Tag is the image tag to pull, defaults to latest. - type: string - type: object - secretRef: - description: SecretRef contains the secret name containing the registry - login credentials to resolve image metadata. The secret must be - of type kubernetes.io/dockerconfigjson. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount - used to authenticate the image pull if the service account has attached - pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote OCI Repository operations like - pulling, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL is a reference to an OCI artifact repository hosted - on a remote container registry. - pattern: ^oci://.*$ - type: string - verify: - description: Verify contains the secret name containing the trusted - public keys used to verify the signature and specifies which provider - to use to check whether OCI image is authentic. - properties: - matchOIDCIdentity: - description: MatchOIDCIdentity specifies the identity matching - criteria to use while verifying an OCI artifact which was signed - using Cosign keyless signing. The artifact's identity is deemed - to be verified if any of the specified matchers match against - the identity. - items: - description: OIDCIdentityMatch specifies options for verifying - the certificate identity, i.e. the issuer and the subject - of the certificate. - properties: - issuer: - description: Issuer specifies the regex pattern to match - against to verify the OIDC issuer in the Fulcio certificate. - The pattern must be a valid Go regular expression. - type: string - subject: - description: Subject specifies the regex pattern to match - against to verify the identity subject in the Fulcio certificate. - The pattern must be a valid Go regular expression. - type: string - required: - - issuer - - subject - type: object - type: array - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret containing - the trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: OCIRepositoryStatus defines the observed state of OCIRepository - properties: - artifact: - description: Artifact represents the output of the last successful - OCI Repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file - (obsolete) - type: string - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the OCIRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations - related to the content of the source artifact: - .spec.ignore - - .spec.layerSelector observed in .status.observedGeneration version - of the object. This can be used to determine if the content configuration - has changed and the artifact needs to be rebuilt. It has the format - of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config - in the status." - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector - used for constructing the source artifact. - properties: - mediaType: - description: MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The first layer - matching this type is selected. - type: string - operation: - description: Operation specifies how the selected layer should - be processed. By default, the layer compressed content is extracted - to storage. When the operation is set to 'copy', the layer compressed - content is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - url: - description: URL is the download link for the artifact output of the - last OCI Repository sync. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.3 - name: redpandas.cluster.redpanda.com -spec: - group: cluster.redpanda.com - names: - kind: Redpanda - listKind: RedpandaList - plural: redpandas - shortNames: - - rp - singular: redpanda - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Redpanda defines the CRD for Redpanda clusters. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Defines the desired state of the Redpanda cluster. - properties: - chartRef: - description: Defines chart details, including the version and repository. - properties: - chartName: - description: Specifies the name of the chart to deploy. - type: string - chartVersion: - description: Defines the version of the Redpanda Helm chart to - deploy. - type: string - helmRepositoryName: - description: Defines the chart repository to use. Defaults to - `redpanda` if not defined. - type: string - timeout: - description: |- - Specifies the time to wait for any individual Kubernetes operation (like Jobs - for hooks) during Helm actions. Defaults to `15m0s`. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - upgrade: - description: Defines how to handle upgrades, including failures. - properties: - cleanupOnFail: - description: Specifies whether to perform cleanup in case - of failed upgrades. - type: boolean - force: - description: Enables forceful updates during an upgrade. - type: boolean - preserveValues: - description: Specifies whether to preserve user-configured - values during an upgrade. - type: boolean - remediation: - description: Specifies the actions to take on upgrade failures. - See https://pkg.go.dev/github.com/fluxcd/helm-controller/api/v2beta1#UpgradeRemediation. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an upgrade action but fail. - Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using 'Strategy', is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. - Defaults to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - type: object - useFlux: - description: |- - NOTE! Alpha feature - UseFlux flag set to `false` will prevent helm controller from reconciling helm chart. The operator would be - tight with `go` based Redpanda helm chart version. The rest of the ChartRef fields would be ignored. - - Before setting UseFlux flag to `false` please align your ChartVersion to `5.9.15` or `` - version of the Redpanda chart. - - RedpandaStatus might not be accurate if flag is set to `false` and HelmRelease is manually deleted. - - To achieve dynamic switch for Flux controllers (HelmRelease and HelmRepository) the resources - would not be removed, but they will be put in suspended mode (if flag is provided and set to `false`). - - https://fluxcd.io/flux/components/helm/helmreleases/#suspend - https://fluxcd.io/flux/components/source/helmrepositories/#suspend - type: boolean - type: object - clusterSpec: - description: Defines the Helm values to use to deploy the cluster. - properties: - affinity: - description: |- - Affinity constraints for scheduling Pods, can override this for - StatefulSets and Jobs. For details, see the [Kubernetes - documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for - the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated with - the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, etc. - as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - type: object - auditLogging: - description: Defines the log level settings. - properties: - clientMaxBufferSize: - description: Defines the number of bytes (in bytes) allocated - by the internal audit client for audit messages. - type: integer - enabled: - description: Specifies whether to enable audit logging or - not - type: boolean - enabledEventTypes: - description: Event types that should be captured by audit - logs - items: - type: string - type: array - excludedPrincipals: - description: List of principals to exclude from auditing - items: - type: string - type: array - excludedTopics: - description: List of topics to exclude from auditing - items: - type: string - type: array - listener: - description: Kafka external listener name, note that it must - have `authenticationMethod` set to sasl - type: string - partitions: - description: Integer value defining the number of partitions - used by a newly created audit topic - type: integer - queueDrainIntervalMs: - description: In ms, frequency in which per shard audit logs - are batched to client for write to audit log. - type: integer - queueMaxBufferSizePerShard: - description: Defines the maximum amount of memory used (in - bytes) by the audit buffer in each shard - type: integer - replicationFactor: - description: |- - Defines the replication factor for a newly created audit log topic. This configuration applies - only to the audit log topic and may be different from the cluster or other topic configurations. - This cannot be altered for existing audit log topics. Setting this value is optional. If a value is not provided, - Redpanda will use the `internal_topic_replication_factor` cluster config value. Default is `null` - type: integer - type: object - auth: - description: Defines authentication settings for listeners. - properties: - sasl: - description: Configures SASL authentication in the Helm values. - properties: - bootstrapUser: - description: Specifies configuration about the bootstrap - user. - properties: - mechanism: - description: Specifies the authentication mechanism - to use for the bootstrap user. Options are `SCRAM-SHA-256` - and `SCRAM-SHA-512`. - type: string - name: - description: |- - Name specifies the name of the bootstrap user created for the cluster, if unspecified - defaults to "kubernetes-controller". - type: string - secretKeyRef: - description: |- - Specifies the location where the generated password will be written or a pre-existing - password will be read from. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - enabled: - description: Enables SASL authentication. If you enable - SASL authentication, you must provide a Secret name - in `secretRef`. - type: boolean - mechanism: - description: Specifies the default authentication mechanism - to use for superusers. Options are `SCRAM-SHA-256` and - `SCRAM-SHA-512`. - type: string - secretRef: - description: If `users` is empty, `secretRef` specifies - the name of the Secret that contains your superuser - credentials in the format ::. - Otherwise, `secretRef` specifies the name of the Secret - that the chart creates to store the credentials in `users`. - type: string - users: - description: Specifies a list of superuser credentials. - items: - description: UsersItems configures a list of superusers - in the Helm values. - properties: - mechanism: - description: Specifies the authentication mechanism - to use for superusers. Overrides the default in - `SASL`. Options are `SCRAM-SHA-256` and `SCRAM-SHA-512`. - type: string - name: - description: Specifies the name of the superuser. - type: string - password: - description: Specifies the superuser password. - type: string - type: object - type: array - type: object - type: object - clusterDomain: - description: Customizes the Kubernetes cluster domain. This domain - is used to generate the internal domains of the StatefulSet - Pods. For details, see https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id. - The default is the `cluster.local` domain. - type: string - commonLabels: - additionalProperties: - type: string - description: Assigns custom labels to all resources generated - by the Redpanda Helm chart. Specify labels as key/value pairs. - type: object - config: - description: Defines configuration properties supported by Redpanda - that may not work correctly in a Kubernetes cluster. Changing - these values from the defaults comes with some risk. Use these - properties to customize various Redpanda configurations that - are not available in the `RedpandaClusterSpec`. These values - have no impact on the configuration or behavior of the Kubernetes - objects deployed by Helm, and therefore should not be modified - for the purpose of configuring those objects. Instead, these - settings get passed directly to the Redpanda binary at startup. - properties: - cluster: - description: Specifies cluster configuration properties. See - https://docs.redpanda.com/current/reference/cluster-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - node: - description: Specifies broker configuration properties. See - https://docs.redpanda.com/current/reference/node-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - pandaproxy_client: - description: Specifies tunable configuration properties. See - https://docs.redpanda.com/current/reference/tunable-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - rpk: - description: Specifies cluster configuration properties. See - https://docs.redpanda.com/current/reference/cluster-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - schema_registry_client: - description: Specifies tunable configuration properties. See - https://docs.redpanda.com/current/reference/tunable-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - tunable: - description: Specifies tunable configuration properties. See - https://docs.redpanda.com/current/reference/tunable-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - connectors: - description: Defines Redpanda Connector settings. - properties: - auth: - description: Specifies superuser credentials - type: object - x-kubernetes-preserve-unknown-fields: true - commonLabels: - additionalProperties: - type: string - description: Assigns custom labels to all resources generated - by the Connector Helm chart. Specify labels as key/value - pairs. - type: object - connectors: - description: Connectors specified manual configurations - type: object - x-kubernetes-preserve-unknown-fields: true - container: - description: Specifies container information - type: object - x-kubernetes-preserve-unknown-fields: true - deployment: - description: Connectors specified manual configurations - type: object - x-kubernetes-preserve-unknown-fields: true - enabled: - type: boolean - fullnameOverride: - description: Specifies a full custom name, which overrides - the entire naming convention including release name and - chart name. - type: string - image: - description: Defines the container image settings to use for - the Redpanda cluster. - properties: - pullPolicy: - description: Specifies the strategy used for pulling images - from the repository. For available values, see https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy. - type: string - repository: - description: Specifies the image repository to pull from. - type: string - tag: - description: Specifies the image tag. - type: string - type: object - imagePullSecrets: - description: Specifies credentials for a private image repository. - For details, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/. - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - logging: - description: Specifies logging details - type: object - x-kubernetes-preserve-unknown-fields: true - monitoring: - description: Specifies monitoring resources - properties: - annotations: - additionalProperties: - type: string - description: Adds custom Annotations to the ServiceMonitor - resource. - type: object - enabled: - description: Specifies whether to create a ServiceMonitor - that can be used by Prometheus Operator or VictoriaMetrics - Operator to scrape the metrics. - type: boolean - labels: - additionalProperties: - type: string - description: Adds custom labels to the ServiceMonitor - resource. - type: object - namespaceSelector: - description: Adds custom namespaceSelector to monitoring - resources - properties: - any: - description: |- - Boolean describing whether all namespaces are selected in contrast to a - list restricting them. - type: boolean - matchNames: - description: List of namespace names to select from. - items: - type: string - type: array - type: object - x-kubernetes-preserve-unknown-fields: true - scrapeInterval: - description: Specifies how often to scrape metrics. - type: string - type: object - nameOverride: - description: Specifies a custom name for the Redpanda Console - resources, overriding the default naming convention. - type: string - service: - description: Specifies service details - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccount: - description: Specifies service account details - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: Specifies storage information - type: object - x-kubernetes-preserve-unknown-fields: true - test: - description: Specifies whether to create Helm tests. - properties: - create: - description: Specifies whether to create the resource. - type: boolean - enabled: - description: |- - Deprecated: this field exists for storage backwards compatibility and is - never used. Prefer Create. - type: boolean - type: object - tolerations: - description: Applies tolerations to allow Pods to be scheduled - on nodes with matching taints, enabling control over where - Pods can run. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - type: object - console: - description: Defines Redpanda Console settings. - properties: - affinity: - description: Defines affinity rules for Pod assignment. - type: object - x-kubernetes-preserve-unknown-fields: true - annotations: - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: Automount API credentials for the Service Account - into the pod. - type: boolean - autoscaling: - description: Configures Horizontal Pod Autoscaling (HPA) for - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - commonLabels: - additionalProperties: - type: string - type: object - configMap: - description: Specifies whether a ConfigMap should be created - for Redpanda Console. - properties: - create: - description: Indicates whether the corresponding Kubernetes - object (ConfigMap, Secret, or Deployment) should be - created. - type: boolean - type: object - configmap: - description: |- - Deprecated: this field exists for storage backwards compatibility and is - never used. Prefer ConfigMap (configmap). - properties: - create: - description: Indicates whether the corresponding Kubernetes - object (ConfigMap, Secret, or Deployment) should be - created. - type: boolean - type: object - console: - description: Configures custom settings for Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - deployment: - description: Specifies whether a Deployment should be created - for Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - enabled: - description: Specifies whether the Redpanda Console subchart - should be deployed. - type: boolean - enterprise: - description: |- - Settings for license key, as an alternative to secret.enterprise when a - license secret is available - type: object - x-kubernetes-preserve-unknown-fields: true - extraContainers: - description: Adds extra containers to the Pods that run Redpanda - Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - extraEnv: - description: Adds extra environment variables to the Pods - that run Redpanda Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - extraEnvFrom: - description: Allows you to add extra environment variables - from external resources to the Pods that run Redpanda Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - extraVolumeMounts: - description: Mounts additional volumes inside the containers - that run Redpanda Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - extraVolumes: - description: Adds extra volumes to the Pods that run Redpanda - Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - fullnameOverride: - description: Specifies a full custom name, which overrides - the entire naming convention including release name and - chart name. - type: string - image: - description: Defines the container image for the Redpanda - Console, including the repository, name, and tag. - type: object - x-kubernetes-preserve-unknown-fields: true - imagePullSecrets: - description: Defines Secrets used to pull the container images - from a private registry. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - ingress: - description: Configures the Kubernetes Ingress resource for - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - initContainers: - description: Specifies init containers for the Pods that run - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - livenessProbe: - description: Settings for console's Deployment's liveness - probe. - properties: - failureThreshold: - description: Sets the number of consecutive failures required - to consider a Pod as not live. - type: integer - initialDelaySeconds: - description: Specifies the time in seconds to wait before - the first probe is initiated. - type: integer - periodSeconds: - description: Determines the frequency in seconds of performing - the probe. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - nameOverride: - description: Specifies a custom name for the Redpanda Console - resources, overriding the default naming convention. - type: string - nodeSelector: - description: Specifies Node labels for Pod assignment. - type: object - x-kubernetes-preserve-unknown-fields: true - podAnnotations: - description: Adds custom annotations to the Pods that run - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - podLabels: - description: Adds custom labels to the Pods that run Redpanda - Console. - type: object - x-kubernetes-preserve-unknown-fields: true - podSecurityContext: - type: object - x-kubernetes-preserve-unknown-fields: true - priorityClassName: - description: Specifies the priority class name for the Pods - that run Redpanda Console. - type: string - readinessProbe: - description: Settings for console's Deployment's readiness - probe. - properties: - failureThreshold: - description: Defines the threshold for how many times - the probe can fail before the Pod is marked Unready. - type: integer - initialDelaySeconds: - description: Sets the initial delay before the readiness - probe is initiated, in seconds. - type: integer - periodSeconds: - description: Configures the period, in seconds, between - each readiness check. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - replicaCount: - description: Sets the number of replicas for the Redpanda - Console Deployment resource. - type: integer - resources: - description: Configures resource requests and limits for the - Pods that run Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - secret: - description: Specifies whether a Secret should be created - for Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - secretMounts: - description: Mounts additional Secret resources inside the - containers that run Redpanda Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: Sets the security context for the Pods that run - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - service: - description: Configures the Kubernetes Service for Redpanda - Console. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccount: - description: Configures the ServiceAccount used by the Pods - that run Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - strategy: - description: Configures console's Deployment's update strategy. - type: object - x-kubernetes-preserve-unknown-fields: true - tests: - description: Controls the creation of helm tests for console. - properties: - enabled: - type: boolean - type: object - tolerations: - description: Specifies tolerations for scheduling Pods onto - Nodes with taints. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: Specifies topology spread constraints for Pod - placement. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - enterprise: - description: Defines an Enterprise license. - properties: - license: - description: Specifies the Enterprise license key. - type: string - licenseSecretRef: - description: Defines a reference to a Secret resource that - contains the Enterprise license key. - properties: - key: - description: Specifies the key that is contains the Enterprise - license in the Secret. - type: string - name: - description: Specifies the name of the Secret resource - to use. - type: string - type: object - type: object - external: - description: Defines external access settings. - properties: - addresses: - description: Specifies addresses for the external listeners - to advertise.Provide one entry for each broker in order - of StatefulSet replicas. The number of brokers is defined - in `statefulset.replicas`. The values can be IP addresses - or DNS names. If `external.domain` is set, the domain is - appended to these values. - items: - type: string - type: array - annotations: - additionalProperties: - type: string - description: Adds custom annotations to the external Service. - type: object - domain: - description: Specifies the domain to advertise to external - clients. If specified, then it will be appended to the `external.addresses` - values as each broker's advertised address. - type: string - enabled: - description: Specifies whether the external access is enabled. - type: boolean - externalDns: - description: Defines externalDNS configurations. - properties: - enabled: - description: Specifies whether externalDNS annotations - are added to LoadBalancer Services. If you enable externalDns, - each LoadBalancer Service defined in `external.type` - will be annotated with an external-dns hostname that - matches `external.addresses[i]`.`external.domain`. - type: boolean - type: object - prefixTemplate: - description: Specifies a naming prefix template for external - Services. - type: string - service: - description: Configures the external Service resource. - properties: - enabled: - description: Specifies whether to create the external - Service. If set to `false`, the external Service type - is not created. You can still set your cluster with - external access but not create the supporting Service. - Set this to `false` to manage your own Service. - type: boolean - type: object - sourceRanges: - description: Source range for external access. Only applicable - when `external.type` is LoadBalancer. - items: - type: string - type: array - type: - description: Specifies the external Service type. Only NodePort - and LoadBalancer are supported. If undefined, then advertised - listeners will be configured in Redpanda, but the Helm chart - will not create a Service. NodePort is recommended in cases - where latency is a priority. - type: string - type: object - force: - description: |- - Adds the `--force` flag in `helm upgrade` commands. Used for allowing a change of TLS configuration for the RPC listener. - Setting `force` to `true` will result in a short period of downtime. - type: boolean - fullNameOverride: - description: 'Deprecated: use FullnameOverride (fullnameOverride).' - type: string - fullnameOverride: - description: Customizes the name of the StatefulSet and Services. - The default is `redpanda`. - type: string - image: - description: Defines the container image settings to use for the - Redpanda cluster. - properties: - pullPolicy: - description: Specifies the strategy used for pulling images - from the repository. For available values, see https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy. - type: string - repository: - description: Specifies the image repository to pull from. - type: string - tag: - description: Specifies the image tag. - type: string - type: object - imagePullSecrets: - description: Specifies credentials for a private image repository. - For details, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/. - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - license_key: - description: 'Deprecated: Use `Enterprise` instead.' - type: string - license_secret_ref: - description: 'Deprecated: Use `EnterpriseLicenseSecretRef` instead.' - properties: - secret_key: - description: Specifies the key that is contains the Enterprise - license in the Secret. - type: string - secret_name: - description: Specifies the name of the Secret. - type: string - type: object - listeners: - description: Defines settings for listeners, including HTTP Proxy, - Schema Registry, the Admin API and the Kafka API. - properties: - admin: - description: Configures settings for the Admin API listeners. - properties: - appProtocol: - type: string - external: - additionalProperties: - description: ExternalListener configures settings for - the external listeners. - properties: - advertisedPorts: - description: Specifies the network port that the - external Service listens on. - items: - type: integer - type: array - authenticationMethod: - description: Specifies the authentication method - for the external listener. For example, 'mtls_identity' - or `sasl`. - type: string - enabled: - type: boolean - nodePort: - format: int32 - type: integer - port: - description: Specifies the container port number - for the external listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field - accepts a string template that dynamically constructs - Service addresses based on various parameters - such as Service name and port number. - type: string - tls: - description: Configures TLS settings for the external - listener. - properties: - cert: - description: References a specific certificate - for the listener. - type: string - enabled: - description: Specifies whether TLS is enabled - for the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a - key of a Secret. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - description: Defines settings for the external listener. - type: object - port: - description: Specifies the container port number for the - internal listener. - type: integer - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - http: - description: Configures settings for the HTTP Proxy listeners. - properties: - authenticationMethod: - description: Specifies the authentication method for the - external listener. For example, 'mtls_identity' or `sasl`. - type: string - enabled: - description: Specifies whether the HTTP Proxy is enabled. - type: boolean - external: - additionalProperties: - description: ExternalListener configures settings for - the external listeners. - properties: - advertisedPorts: - description: Specifies the network port that the - external Service listens on. - items: - type: integer - type: array - authenticationMethod: - description: Specifies the authentication method - for the external listener. For example, 'mtls_identity' - or `sasl`. - type: string - enabled: - type: boolean - nodePort: - format: int32 - type: integer - port: - description: Specifies the container port number - for the external listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field - accepts a string template that dynamically constructs - Service addresses based on various parameters - such as Service name and port number. - type: string - tls: - description: Configures TLS settings for the external - listener. - properties: - cert: - description: References a specific certificate - for the listener. - type: string - enabled: - description: Specifies whether TLS is enabled - for the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a - key of a Secret. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - description: Defines settings for the external listener. - type: object - kafkaEndpoint: - description: Configures the listener to use for HTTP connections. - For example `default` for the internal listener. - type: string - port: - description: Specifies the container port number for the - internal listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field accepts - a string template that dynamically constructs Service - addresses based on various parameters such as Service - name and port number. - type: string - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - kafka: - description: Configures settings for the Kafka API listeners. - properties: - authenticationMethod: - description: Specifies the authentication method for the - external listener. For example, 'mtls_identity' or `sasl`. - type: string - external: - additionalProperties: - description: ExternalListener configures settings for - the external listeners. - properties: - advertisedPorts: - description: Specifies the network port that the - external Service listens on. - items: - type: integer - type: array - authenticationMethod: - description: Specifies the authentication method - for the external listener. For example, 'mtls_identity' - or `sasl`. - type: string - enabled: - type: boolean - nodePort: - format: int32 - type: integer - port: - description: Specifies the container port number - for the external listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field - accepts a string template that dynamically constructs - Service addresses based on various parameters - such as Service name and port number. - type: string - tls: - description: Configures TLS settings for the external - listener. - properties: - cert: - description: References a specific certificate - for the listener. - type: string - enabled: - description: Specifies whether TLS is enabled - for the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a - key of a Secret. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - description: Defines settings for the external listener. - type: object - port: - description: Specifies the container port number for the - internal listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field accepts - a string template that dynamically constructs Service - addresses based on various parameters such as Service - name and port number. - type: string - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - rpc: - description: Configures settings for the RPC API listener. - properties: - port: - description: Specifies the container port number for the - internal listener. - type: integer - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - schemaRegistry: - description: Configures settings for the Schema Registry listeners. - properties: - authenticationMethod: - description: Specifies the authentication method for the - external listener. For example, 'mtls_identity' or `sasl`. - type: string - enabled: - description: Specifies whether the Schema Registry is - enabled. - type: boolean - external: - additionalProperties: - description: ExternalListener configures settings for - the external listeners. - properties: - advertisedPorts: - description: Specifies the network port that the - external Service listens on. - items: - type: integer - type: array - authenticationMethod: - description: Specifies the authentication method - for the external listener. For example, 'mtls_identity' - or `sasl`. - type: string - enabled: - type: boolean - nodePort: - format: int32 - type: integer - port: - description: Specifies the container port number - for the external listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field - accepts a string template that dynamically constructs - Service addresses based on various parameters - such as Service name and port number. - type: string - tls: - description: Configures TLS settings for the external - listener. - properties: - cert: - description: References a specific certificate - for the listener. - type: string - enabled: - description: Specifies whether TLS is enabled - for the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a - key of a Secret. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - description: Defines settings for the external listener. - type: object - kafkaEndpoint: - description: Configures the listener to use for HTTP connections. - For example `default` for the internal listener. - type: string - port: - description: Specifies the container port number for the - internal listener. - type: integer - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - type: object - logging: - description: Defines the log level settings. - properties: - logLevel: - description: Sets the verbosity level of logs. - type: string - usageStats: - description: Specifies whether to send usage statistics to - Redpanda Data. - properties: - clusterId: - description: Specifies the ID of your Redpanda cluster. - type: string - enabled: - description: Specifies whether usage reporting is enabled. - type: boolean - organization: - description: |- - Specifies the name of the organization using the software. This can be useful for identifying and segmenting usage data by organization, if usage reporting is enabled. - Deprecated: This value is no longer respected in the redpanda helm chart - and will be removed in a future version. - type: string - type: object - type: object - monitoring: - description: Defines settings for monitoring Redpanda. - properties: - enableHttp2: - type: boolean - enabled: - description: Specifies whether to create a ServiceMonitor - that can be used by Prometheus Operator or VictoriaMetrics - Operator to scrape the metrics. - type: boolean - labels: - additionalProperties: - type: string - description: Adds custom labels to the ServiceMonitor resource. - type: object - scrapeInterval: - description: Specifies how often to scrape metrics. - type: string - tlsConfig: - description: Specifies tls configuration properties. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - nameOverride: - description: Customizes the labels `app.kubernetes.io/component=-statefulset` - and `app.kubernetes.io/name=` on the StatefulSet - Pods. The default is `redpanda`. - type: string - nodeSelector: - additionalProperties: - type: string - description: Specifies on which nodes a Pod should be scheduled. - These key/value pairs ensure that Pods are scheduled onto nodes - with the specified labels. - type: object - post_install_job: - description: Defines settings for the post-install hook, which - runs after each install or upgrade. For example, this job is - responsible for setting the Enterprise license, if specified. - properties: - affinity: - description: |- - Affinity constraints for scheduling Pods. For details, see the - [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). - properties: - nodeAffinity: - description: Describes node affinity scheduling rules - for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching - the corresponding nodeSelectorTerm, in the - range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector - terms. The terms are ORed. - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, - etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - type: object - annotations: - additionalProperties: - type: string - description: Adds annotations to the job to provide additional - information or metadata that can be used by other tools - or libraries. - type: object - enabled: - description: Specifies whether the job is deployed. - type: boolean - labels: - additionalProperties: - type: string - description: Applies labels to the job to facilitate identification - and selection based on custom criteria. - type: object - podTemplate: - description: |- - PodTemplate is a subset of Kubernetes' PodTemplate that will be merged - into this Job's PodTemplate. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - spec: - description: |- - PodSpecApplyConfiguration is a wrapper around - [applycorev1.PodSpecApplyConfiguration] that adds support for DeepCopying. - properties: - activeDeadlineSeconds: - format: int64 - type: integer - affinity: - description: |- - AffinityApplyConfiguration represents an declarative configuration of the Affinity type for use - with apply. - properties: - nodeAffinity: - description: |- - NodeAffinityApplyConfiguration represents an declarative configuration of the NodeAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PreferredSchedulingTermApplyConfiguration represents an declarative configuration of the PreferredSchedulingTerm type for use - with apply. - properties: - preference: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - NodeSelectorApplyConfiguration represents an declarative configuration of the NodeSelector type for use - with apply. - properties: - nodeSelectorTerms: - items: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - type: array - type: object - type: object - podAffinity: - description: |- - PodAffinityApplyConfiguration represents an declarative configuration of the PodAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - podAntiAffinity: - description: |- - PodAntiAffinityApplyConfiguration represents an declarative configuration of the PodAntiAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - type: object - automountServiceAccountToken: - type: boolean - containers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - dnsConfig: - description: |- - PodDNSConfigApplyConfiguration represents an declarative configuration of the PodDNSConfig type for use - with apply. - properties: - nameservers: - items: - type: string - type: array - options: - items: - description: |- - PodDNSConfigOptionApplyConfiguration represents an declarative configuration of the PodDNSConfigOption type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - dnsPolicy: - description: DNSPolicy defines how a pod's DNS will - be configured. - type: string - enableServiceLinks: - type: boolean - ephemeralContainers: - items: - description: |- - EphemeralContainerApplyConfiguration represents an declarative configuration of the EphemeralContainer type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - targetContainerName: - type: string - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - hostAliases: - items: - description: |- - HostAliasApplyConfiguration represents an declarative configuration of the HostAlias type for use - with apply. - properties: - hostnames: - items: - type: string - type: array - ip: - type: string - type: object - type: array - hostIPC: - type: boolean - hostNetwork: - type: boolean - hostPID: - type: boolean - hostUsers: - type: boolean - hostname: - type: string - imagePullSecrets: - items: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: array - initContainers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - nodeName: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - os: - description: |- - PodOSApplyConfiguration represents an declarative configuration of the PodOS type for use - with apply. - properties: - name: - description: OSName is the set of OS'es that can - be used in OS. - type: string - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource name, - quantity) pairs. - type: object - preemptionPolicy: - description: PreemptionPolicy describes a policy for - if/when to preempt a pod. - type: string - priority: - format: int32 - type: integer - priorityClassName: - type: string - readinessGates: - items: - description: |- - PodReadinessGateApplyConfiguration represents an declarative configuration of the PodReadinessGate type for use - with apply. - properties: - conditionType: - description: PodConditionType is a valid value - for PodCondition.Type - type: string - type: object - type: array - resourceClaims: - items: - description: |- - PodResourceClaimApplyConfiguration represents an declarative configuration of the PodResourceClaim type for use - with apply. - properties: - name: - type: string - source: - description: |- - ClaimSourceApplyConfiguration represents an declarative configuration of the ClaimSource type for use - with apply. - properties: - resourceClaimName: - type: string - resourceClaimTemplateName: - type: string - type: object - type: object - type: array - restartPolicy: - description: |- - RestartPolicy describes how the container should be restarted. - Only one of the following restart policies may be specified. - If none of the following policies is specified, the default one - is RestartPolicyAlways. - type: string - runtimeClassName: - type: string - schedulerName: - type: string - schedulingGates: - items: - description: |- - PodSchedulingGateApplyConfiguration represents an declarative configuration of the PodSchedulingGate type for use - with apply. - properties: - name: - type: string - type: object - type: array - securityContext: - description: |- - PodSecurityContextApplyConfiguration represents an declarative configuration of the PodSecurityContext type for use - with apply. - properties: - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - description: |- - PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume - when volume is mounted. - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines the - supported seccomp profile types. - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - description: |- - SysctlApplyConfiguration represents an declarative configuration of the Sysctl type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - serviceAccount: - type: string - serviceAccountName: - type: string - setHostnameAsFQDN: - type: boolean - shareProcessNamespace: - type: boolean - subdomain: - type: string - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - description: |- - TolerationApplyConfiguration represents an declarative configuration of the Toleration type for use - with apply. - properties: - effect: - type: string - key: - type: string - operator: - description: A toleration operator is the set - of operators that can be used in a toleration. - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - topologySpreadConstraints: - items: - description: |- - TopologySpreadConstraintApplyConfiguration represents an declarative configuration of the TopologySpreadConstraint type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector operator - is the set of operators that can - be used in a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - maxSkew: - format: int32 - type: integer - minDomains: - format: int32 - type: integer - nodeAffinityPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - nodeTaintsPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - topologyKey: - type: string - whenUnsatisfiable: - type: string - type: object - type: array - volumes: - items: - description: |- - VolumeApplyConfiguration represents an declarative configuration of the Volume type for use - with apply. - properties: - awsElasticBlockStore: - description: |- - AWSElasticBlockStoreVolumeSourceApplyConfiguration represents an declarative configuration of the AWSElasticBlockStoreVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - type: object - azureDisk: - description: |- - AzureDiskVolumeSourceApplyConfiguration represents an declarative configuration of the AzureDiskVolumeSource type for use - with apply. - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - type: object - azureFile: - description: |- - AzureFileVolumeSourceApplyConfiguration represents an declarative configuration of the AzureFileVolumeSource type for use - with apply. - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - type: object - cephfs: - description: |- - CephFSVolumeSourceApplyConfiguration represents an declarative configuration of the CephFSVolumeSource type for use - with apply. - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - cinder: - description: |- - CinderVolumeSourceApplyConfiguration represents an declarative configuration of the CinderVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeID: - type: string - type: object - configMap: - description: |- - ConfigMapVolumeSourceApplyConfiguration represents an declarative configuration of the ConfigMapVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - description: |- - CSIVolumeSourceApplyConfiguration represents an declarative configuration of the CSIVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - type: object - downwardAPI: - description: |- - DownwardAPIVolumeSourceApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - emptyDir: - description: |- - EmptyDirVolumeSourceApplyConfiguration represents an declarative configuration of the EmptyDirVolumeSource type for use - with apply. - properties: - medium: - description: StorageMedium defines ways - that storage can be allocated to a volume. - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: |- - EphemeralVolumeSourceApplyConfiguration represents an declarative configuration of the EphemeralVolumeSource type for use - with apply. - properties: - volumeClaimTemplate: - description: |- - PersistentVolumeClaimTemplateApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimTemplate type for use - with apply. - properties: - metadata: - description: |- - ObjectMetaApplyConfiguration represents an declarative configuration of the ObjectMeta type for use - with apply. - properties: - annotations: - additionalProperties: - type: string - type: object - creationTimestamp: - format: date-time - type: string - deletionGracePeriodSeconds: - format: int64 - type: integer - deletionTimestamp: - format: date-time - type: string - finalizers: - items: - type: string - type: array - generateName: - type: string - generation: - format: int64 - type: integer - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - ownerReferences: - items: - description: |- - OwnerReferenceApplyConfiguration represents an declarative configuration of the OwnerReference type for use - with apply. - properties: - apiVersion: - type: string - blockOwnerDeletion: - type: boolean - controller: - type: boolean - kind: - type: string - name: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - type: array - resourceVersion: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - spec: - description: |- - PersistentVolumeClaimSpecApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimSpec type for use - with apply. - properties: - accessModes: - items: - type: string - type: array - dataSource: - description: |- - TypedLocalObjectReferenceApplyConfiguration represents an declarative configuration of the TypedLocalObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - type: object - dataSourceRef: - description: |- - TypedObjectReferenceApplyConfiguration represents an declarative configuration of the TypedObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - type: object - resources: - description: |- - VolumeResourceRequirementsApplyConfiguration represents an declarative configuration of the VolumeResourceRequirements type for use - with apply. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - type: object - selector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeAttributesClassName: - type: string - volumeMode: - description: PersistentVolumeMode - describes how a volume is intended - to be consumed, either Block or - Filesystem. - type: string - volumeName: - type: string - type: object - type: object - type: object - fc: - description: |- - FCVolumeSourceApplyConfiguration represents an declarative configuration of the FCVolumeSource type for use - with apply. - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - description: |- - FlexVolumeSourceApplyConfiguration represents an declarative configuration of the FlexVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: object - flocker: - description: |- - FlockerVolumeSourceApplyConfiguration represents an declarative configuration of the FlockerVolumeSource type for use - with apply. - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - description: |- - GCEPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the GCEPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - type: object - gitRepo: - description: |- - GitRepoVolumeSourceApplyConfiguration represents an declarative configuration of the GitRepoVolumeSource type for use - with apply. - properties: - directory: - type: string - repository: - type: string - revision: - type: string - type: object - glusterfs: - description: |- - GlusterfsVolumeSourceApplyConfiguration represents an declarative configuration of the GlusterfsVolumeSource type for use - with apply. - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - type: object - hostPath: - description: |- - HostPathVolumeSourceApplyConfiguration represents an declarative configuration of the HostPathVolumeSource type for use - with apply. - properties: - path: - type: string - type: - type: string - type: object - iscsi: - description: |- - ISCSIVolumeSourceApplyConfiguration represents an declarative configuration of the ISCSIVolumeSource type for use - with apply. - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - targetPortal: - type: string - type: object - name: - type: string - nfs: - description: |- - NFSVolumeSourceApplyConfiguration represents an declarative configuration of the NFSVolumeSource type for use - with apply. - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - type: object - persistentVolumeClaim: - description: |- - PersistentVolumeClaimVolumeSourceApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimVolumeSource type for use - with apply. - properties: - claimName: - type: string - readOnly: - type: boolean - type: object - photonPersistentDisk: - description: |- - PhotonPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the PhotonPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - pdID: - type: string - type: object - portworxVolume: - description: |- - PortworxVolumeSourceApplyConfiguration represents an declarative configuration of the PortworxVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - type: object - projected: - description: |- - ProjectedVolumeSourceApplyConfiguration represents an declarative configuration of the ProjectedVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - description: |- - VolumeProjectionApplyConfiguration represents an declarative configuration of the VolumeProjection type for use - with apply. - properties: - clusterTrustBundle: - description: |- - ClusterTrustBundleProjectionApplyConfiguration represents an declarative configuration of the ClusterTrustBundleProjection type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label - selector operator - is the set of operators - that can be used in - a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - optional: - type: boolean - path: - type: string - signerName: - type: string - type: object - configMap: - description: |- - ConfigMapProjectionApplyConfiguration represents an declarative configuration of the ConfigMapProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - description: |- - DownwardAPIProjectionApplyConfiguration represents an declarative configuration of the DownwardAPIProjection type for use - with apply. - properties: - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - secret: - description: |- - SecretProjectionApplyConfiguration represents an declarative configuration of the SecretProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - description: |- - ServiceAccountTokenProjectionApplyConfiguration represents an declarative configuration of the ServiceAccountTokenProjection type for use - with apply. - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - type: object - type: object - type: array - type: object - quobyte: - description: |- - QuobyteVolumeSourceApplyConfiguration represents an declarative configuration of the QuobyteVolumeSource type for use - with apply. - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - type: object - rbd: - description: |- - RBDVolumeSourceApplyConfiguration represents an declarative configuration of the RBDVolumeSource type for use - with apply. - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - scaleIO: - description: |- - ScaleIOVolumeSourceApplyConfiguration represents an declarative configuration of the ScaleIOVolumeSource type for use - with apply. - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - type: object - secret: - description: |- - SecretVolumeSourceApplyConfiguration represents an declarative configuration of the SecretVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - description: |- - StorageOSVolumeSourceApplyConfiguration represents an declarative configuration of the StorageOSVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - description: |- - VsphereVirtualDiskVolumeSourceApplyConfiguration represents an declarative configuration of the VsphereVirtualDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - type: object - type: object - type: array - type: object - type: object - resources: - description: Sets resource requirements (CPU, memory) for - the job to ensure proper allocation and limit resource usage. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - securityContext: - description: |- - SecurityContext is deprecated. Prefer [PodTemplate.Spec.SecurityContext] - or [PodTemplate.Spec.Containers[*].SecurityContext]. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of - the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - post_upgrade_job: - description: Defines settings for the post-upgrade hook, which - runs after each update. For example, this job is responsible - for setting cluster configuration properties and restarting - services such as Schema Registry, if required. - properties: - affinity: - description: |- - Affinity constraints for scheduling Pods. For details, see the - [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). - properties: - nodeAffinity: - description: Describes node affinity scheduling rules - for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching - the corresponding nodeSelectorTerm, in the - range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector - terms. The terms are ORed. - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, - etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - type: object - annotations: - additionalProperties: - type: string - description: Adds annotations to the job to provide additional - information or metadata that can be used by other tools - or libraries. - type: object - backoffLimit: - format: int32 - type: integer - enabled: - description: Specifies whether the job is deployed. - type: boolean - extraEnv: - description: Adds environment variables to the job container - to configure its runtime behavior. - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - extraEnvFrom: - description: Specifies environment variables from external - sources, such as ConfigMap resources, or Secret resources, - to dynamically configure the job. - items: - description: EnvFromSource represents the source of a set - of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each - key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be - defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - labels: - additionalProperties: - type: string - description: Applies labels to the job to facilitate identification - and selection based on custom criteria. - type: object - podTemplate: - description: |- - PodTemplate is a subset of Kubernetes' PodTemplate that will be merged - into this Job's PodTemplate. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - spec: - description: |- - PodSpecApplyConfiguration is a wrapper around - [applycorev1.PodSpecApplyConfiguration] that adds support for DeepCopying. - properties: - activeDeadlineSeconds: - format: int64 - type: integer - affinity: - description: |- - AffinityApplyConfiguration represents an declarative configuration of the Affinity type for use - with apply. - properties: - nodeAffinity: - description: |- - NodeAffinityApplyConfiguration represents an declarative configuration of the NodeAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PreferredSchedulingTermApplyConfiguration represents an declarative configuration of the PreferredSchedulingTerm type for use - with apply. - properties: - preference: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - NodeSelectorApplyConfiguration represents an declarative configuration of the NodeSelector type for use - with apply. - properties: - nodeSelectorTerms: - items: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - type: array - type: object - type: object - podAffinity: - description: |- - PodAffinityApplyConfiguration represents an declarative configuration of the PodAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - podAntiAffinity: - description: |- - PodAntiAffinityApplyConfiguration represents an declarative configuration of the PodAntiAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - type: object - automountServiceAccountToken: - type: boolean - containers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - dnsConfig: - description: |- - PodDNSConfigApplyConfiguration represents an declarative configuration of the PodDNSConfig type for use - with apply. - properties: - nameservers: - items: - type: string - type: array - options: - items: - description: |- - PodDNSConfigOptionApplyConfiguration represents an declarative configuration of the PodDNSConfigOption type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - dnsPolicy: - description: DNSPolicy defines how a pod's DNS will - be configured. - type: string - enableServiceLinks: - type: boolean - ephemeralContainers: - items: - description: |- - EphemeralContainerApplyConfiguration represents an declarative configuration of the EphemeralContainer type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - targetContainerName: - type: string - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - hostAliases: - items: - description: |- - HostAliasApplyConfiguration represents an declarative configuration of the HostAlias type for use - with apply. - properties: - hostnames: - items: - type: string - type: array - ip: - type: string - type: object - type: array - hostIPC: - type: boolean - hostNetwork: - type: boolean - hostPID: - type: boolean - hostUsers: - type: boolean - hostname: - type: string - imagePullSecrets: - items: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: array - initContainers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - nodeName: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - os: - description: |- - PodOSApplyConfiguration represents an declarative configuration of the PodOS type for use - with apply. - properties: - name: - description: OSName is the set of OS'es that can - be used in OS. - type: string - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource name, - quantity) pairs. - type: object - preemptionPolicy: - description: PreemptionPolicy describes a policy for - if/when to preempt a pod. - type: string - priority: - format: int32 - type: integer - priorityClassName: - type: string - readinessGates: - items: - description: |- - PodReadinessGateApplyConfiguration represents an declarative configuration of the PodReadinessGate type for use - with apply. - properties: - conditionType: - description: PodConditionType is a valid value - for PodCondition.Type - type: string - type: object - type: array - resourceClaims: - items: - description: |- - PodResourceClaimApplyConfiguration represents an declarative configuration of the PodResourceClaim type for use - with apply. - properties: - name: - type: string - source: - description: |- - ClaimSourceApplyConfiguration represents an declarative configuration of the ClaimSource type for use - with apply. - properties: - resourceClaimName: - type: string - resourceClaimTemplateName: - type: string - type: object - type: object - type: array - restartPolicy: - description: |- - RestartPolicy describes how the container should be restarted. - Only one of the following restart policies may be specified. - If none of the following policies is specified, the default one - is RestartPolicyAlways. - type: string - runtimeClassName: - type: string - schedulerName: - type: string - schedulingGates: - items: - description: |- - PodSchedulingGateApplyConfiguration represents an declarative configuration of the PodSchedulingGate type for use - with apply. - properties: - name: - type: string - type: object - type: array - securityContext: - description: |- - PodSecurityContextApplyConfiguration represents an declarative configuration of the PodSecurityContext type for use - with apply. - properties: - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - description: |- - PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume - when volume is mounted. - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines the - supported seccomp profile types. - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - description: |- - SysctlApplyConfiguration represents an declarative configuration of the Sysctl type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - serviceAccount: - type: string - serviceAccountName: - type: string - setHostnameAsFQDN: - type: boolean - shareProcessNamespace: - type: boolean - subdomain: - type: string - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - description: |- - TolerationApplyConfiguration represents an declarative configuration of the Toleration type for use - with apply. - properties: - effect: - type: string - key: - type: string - operator: - description: A toleration operator is the set - of operators that can be used in a toleration. - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - topologySpreadConstraints: - items: - description: |- - TopologySpreadConstraintApplyConfiguration represents an declarative configuration of the TopologySpreadConstraint type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector operator - is the set of operators that can - be used in a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - maxSkew: - format: int32 - type: integer - minDomains: - format: int32 - type: integer - nodeAffinityPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - nodeTaintsPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - topologyKey: - type: string - whenUnsatisfiable: - type: string - type: object - type: array - volumes: - items: - description: |- - VolumeApplyConfiguration represents an declarative configuration of the Volume type for use - with apply. - properties: - awsElasticBlockStore: - description: |- - AWSElasticBlockStoreVolumeSourceApplyConfiguration represents an declarative configuration of the AWSElasticBlockStoreVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - type: object - azureDisk: - description: |- - AzureDiskVolumeSourceApplyConfiguration represents an declarative configuration of the AzureDiskVolumeSource type for use - with apply. - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - type: object - azureFile: - description: |- - AzureFileVolumeSourceApplyConfiguration represents an declarative configuration of the AzureFileVolumeSource type for use - with apply. - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - type: object - cephfs: - description: |- - CephFSVolumeSourceApplyConfiguration represents an declarative configuration of the CephFSVolumeSource type for use - with apply. - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - cinder: - description: |- - CinderVolumeSourceApplyConfiguration represents an declarative configuration of the CinderVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeID: - type: string - type: object - configMap: - description: |- - ConfigMapVolumeSourceApplyConfiguration represents an declarative configuration of the ConfigMapVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - description: |- - CSIVolumeSourceApplyConfiguration represents an declarative configuration of the CSIVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - type: object - downwardAPI: - description: |- - DownwardAPIVolumeSourceApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - emptyDir: - description: |- - EmptyDirVolumeSourceApplyConfiguration represents an declarative configuration of the EmptyDirVolumeSource type for use - with apply. - properties: - medium: - description: StorageMedium defines ways - that storage can be allocated to a volume. - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: |- - EphemeralVolumeSourceApplyConfiguration represents an declarative configuration of the EphemeralVolumeSource type for use - with apply. - properties: - volumeClaimTemplate: - description: |- - PersistentVolumeClaimTemplateApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimTemplate type for use - with apply. - properties: - metadata: - description: |- - ObjectMetaApplyConfiguration represents an declarative configuration of the ObjectMeta type for use - with apply. - properties: - annotations: - additionalProperties: - type: string - type: object - creationTimestamp: - format: date-time - type: string - deletionGracePeriodSeconds: - format: int64 - type: integer - deletionTimestamp: - format: date-time - type: string - finalizers: - items: - type: string - type: array - generateName: - type: string - generation: - format: int64 - type: integer - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - ownerReferences: - items: - description: |- - OwnerReferenceApplyConfiguration represents an declarative configuration of the OwnerReference type for use - with apply. - properties: - apiVersion: - type: string - blockOwnerDeletion: - type: boolean - controller: - type: boolean - kind: - type: string - name: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - type: array - resourceVersion: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - spec: - description: |- - PersistentVolumeClaimSpecApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimSpec type for use - with apply. - properties: - accessModes: - items: - type: string - type: array - dataSource: - description: |- - TypedLocalObjectReferenceApplyConfiguration represents an declarative configuration of the TypedLocalObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - type: object - dataSourceRef: - description: |- - TypedObjectReferenceApplyConfiguration represents an declarative configuration of the TypedObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - type: object - resources: - description: |- - VolumeResourceRequirementsApplyConfiguration represents an declarative configuration of the VolumeResourceRequirements type for use - with apply. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - type: object - selector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeAttributesClassName: - type: string - volumeMode: - description: PersistentVolumeMode - describes how a volume is intended - to be consumed, either Block or - Filesystem. - type: string - volumeName: - type: string - type: object - type: object - type: object - fc: - description: |- - FCVolumeSourceApplyConfiguration represents an declarative configuration of the FCVolumeSource type for use - with apply. - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - description: |- - FlexVolumeSourceApplyConfiguration represents an declarative configuration of the FlexVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: object - flocker: - description: |- - FlockerVolumeSourceApplyConfiguration represents an declarative configuration of the FlockerVolumeSource type for use - with apply. - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - description: |- - GCEPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the GCEPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - type: object - gitRepo: - description: |- - GitRepoVolumeSourceApplyConfiguration represents an declarative configuration of the GitRepoVolumeSource type for use - with apply. - properties: - directory: - type: string - repository: - type: string - revision: - type: string - type: object - glusterfs: - description: |- - GlusterfsVolumeSourceApplyConfiguration represents an declarative configuration of the GlusterfsVolumeSource type for use - with apply. - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - type: object - hostPath: - description: |- - HostPathVolumeSourceApplyConfiguration represents an declarative configuration of the HostPathVolumeSource type for use - with apply. - properties: - path: - type: string - type: - type: string - type: object - iscsi: - description: |- - ISCSIVolumeSourceApplyConfiguration represents an declarative configuration of the ISCSIVolumeSource type for use - with apply. - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - targetPortal: - type: string - type: object - name: - type: string - nfs: - description: |- - NFSVolumeSourceApplyConfiguration represents an declarative configuration of the NFSVolumeSource type for use - with apply. - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - type: object - persistentVolumeClaim: - description: |- - PersistentVolumeClaimVolumeSourceApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimVolumeSource type for use - with apply. - properties: - claimName: - type: string - readOnly: - type: boolean - type: object - photonPersistentDisk: - description: |- - PhotonPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the PhotonPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - pdID: - type: string - type: object - portworxVolume: - description: |- - PortworxVolumeSourceApplyConfiguration represents an declarative configuration of the PortworxVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - type: object - projected: - description: |- - ProjectedVolumeSourceApplyConfiguration represents an declarative configuration of the ProjectedVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - description: |- - VolumeProjectionApplyConfiguration represents an declarative configuration of the VolumeProjection type for use - with apply. - properties: - clusterTrustBundle: - description: |- - ClusterTrustBundleProjectionApplyConfiguration represents an declarative configuration of the ClusterTrustBundleProjection type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label - selector operator - is the set of operators - that can be used in - a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - optional: - type: boolean - path: - type: string - signerName: - type: string - type: object - configMap: - description: |- - ConfigMapProjectionApplyConfiguration represents an declarative configuration of the ConfigMapProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - description: |- - DownwardAPIProjectionApplyConfiguration represents an declarative configuration of the DownwardAPIProjection type for use - with apply. - properties: - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - secret: - description: |- - SecretProjectionApplyConfiguration represents an declarative configuration of the SecretProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - description: |- - ServiceAccountTokenProjectionApplyConfiguration represents an declarative configuration of the ServiceAccountTokenProjection type for use - with apply. - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - type: object - type: object - type: array - type: object - quobyte: - description: |- - QuobyteVolumeSourceApplyConfiguration represents an declarative configuration of the QuobyteVolumeSource type for use - with apply. - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - type: object - rbd: - description: |- - RBDVolumeSourceApplyConfiguration represents an declarative configuration of the RBDVolumeSource type for use - with apply. - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - scaleIO: - description: |- - ScaleIOVolumeSourceApplyConfiguration represents an declarative configuration of the ScaleIOVolumeSource type for use - with apply. - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - type: object - secret: - description: |- - SecretVolumeSourceApplyConfiguration represents an declarative configuration of the SecretVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - description: |- - StorageOSVolumeSourceApplyConfiguration represents an declarative configuration of the StorageOSVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - description: |- - VsphereVirtualDiskVolumeSourceApplyConfiguration represents an declarative configuration of the VsphereVirtualDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - type: object - type: object - type: array - type: object - type: object - resources: - description: Sets resource requirements (CPU, memory) for - the job to ensure proper allocation and limit resource usage. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - securityContext: - description: |- - SecurityContext is deprecated. Prefer [PodTemplate.Spec.SecurityContext] - or [PodTemplate.Spec.Containers[*].SecurityContext]. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of - the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - rackAwareness: - description: Defines rack awareness settings. - properties: - enabled: - description: Specifies whether rack awareness is enabled. - When enabled, Kubernetes failure zones are treated as racks. - Redpanda maps each rack to a failure zone and places partition - replicas across them. Requires `rbac.enabled` set to `true`. - type: boolean - nodeAnnotation: - description: Specifies the key in Node labels or annotations - to use to denote failure zones. - type: string - type: object - rbac: - description: Defines Role Based Access Control (RBAC) settings. - properties: - annotations: - additionalProperties: - type: string - description: Adds custom annotations to the RBAC resources. - type: object - enabled: - description: Whether RBAC is enabled. Enable for features - that need extra privileges, such as rack awareness. If you - use the Redpanda Operator, you must deploy it with the `--set - rbac.createRPKBundleCRs=true` flag to give it the required - ClusterRoles. - type: boolean - type: object - resources: - description: Defines container resource settings. - properties: - cpu: - description: Specifies the number of CPU cores. - properties: - cores: - anyOf: - - type: integer - - type: string - description: 'Specifies the number of CPU cores available - to the application. Redpanda makes use of a thread per - core model. For details, see https://docs.redpanda.com/current/get-started/architecture/#thread-per-core-model. - For this reason, Redpanda should only be given full - cores. Note: You can increase cores, but decreasing - cores is not currently supported. See the GitHub issue:https://github.com/redpanda-data/redpanda/issues/350. - This setting is equivalent to `--smp`, `resources.requests.cpu`, - and `resources.limits.cpu`. For production, use `4` - or greater.' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - overprovisioned: - description: 'Specifies whether Redpanda assumes it has - all of the provisioned CPU. This should be `true` unless - the container has CPU affinity. Equivalent to: `--idle-poll-time-us - 0`, `--thread-affinity 0`, and `--poll-aio 0`. If the - value of full cores in `resources.cpu.cores` is less - than `1`, this setting is set to `true`.' - type: boolean - type: object - memory: - description: Specifies the amount of memory. - properties: - container: - description: Defines resource limits for containers. - properties: - max: - anyOf: - - type: integer - - type: string - description: Specifies the maximum resources that - can be allocated to a container. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - min: - anyOf: - - type: integer - - type: string - description: Specifies the minimum resources required - for a container. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - enable_memory_locking: - description: Enables memory locking. For production, set - to `true`. - type: boolean - redpanda: - description: Allows you to optionally specify the memory - size for both the Redpanda process and the underlying - reserved memory used by Seastar. - properties: - memory: - anyOf: - - type: integer - - type: string - description: Memory for the Redpanda process. This - must be lower than the container's memory (`resources.memory.container.min` - if provided, otherwise `resources.memory.container.max`). - Equivalent to `--memory`. For production, use 8Gi - or greater. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - reserveMemory: - anyOf: - - type: integer - - type: string - description: Memory reserved for the OS. Any value - above 1Gi will provide diminishing performance benefits. - Equivalent to `--reserve-memory`. For production, - use 1Gi. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - type: object - service: - description: Defines settings for the headless ClusterIP Service. - properties: - internal: - properties: - annotations: - additionalProperties: - type: string - type: object - type: object - name: - type: string - type: object - serviceAccount: - description: Defines Service account settings. - properties: - annotations: - additionalProperties: - type: string - description: Adds custom annotations to the ServiceAccount - resources. - type: object - automountServiceAccountToken: - description: Specifies whether a service account should automount - API-Credentials - type: boolean - create: - description: Specifies whether a ServiceAccount should be - created. - type: boolean - name: - description: Specifies the name of the ServiceAccount. - type: string - type: object - statefulset: - description: Defines settings for the StatefulSet that manages - Redpanda brokers. - properties: - additionalRedpandaCmdFlags: - description: Includes additional command flags for Redpanda - at startup to customize its runtime behavior. - items: - type: string - type: array - additionalSelectorLabels: - additionalProperties: - type: string - type: object - annotations: - additionalProperties: - type: string - description: |- - Adds annotations to the StatefulSet to provide additional information or metadata. - Please use PodTemplate to add additional annotation or labels for Pods managed by Statefulset. - type: object - budget: - description: Defines the management of disruptions affecting - the Pods in the StatefulSet. - properties: - maxUnavailable: - description: Defines the maximum number of Pods that can - be unavailable during a voluntary disruption. - type: integer - type: object - extraVolumeMounts: - description: Specifies extra volume mounts for the Pods. - type: string - extraVolumes: - description: Defines additional volumes for the Pods. - type: string - initContainerImage: - description: Defines the init container image used to perform - initial setup tasks before the main containers start. - properties: - repository: - type: string - tag: - type: string - type: object - initContainers: - description: Configures the init container used to perform - initial setup tasks before the main containers start. - properties: - configurator: - properties: - extraVolumeMounts: - type: string - resources: - description: ResourceRequirements describes the compute - resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - extraInitContainers: - type: string - fsValidator: - description: Defines the setting for init container that - not allow to start Redpanda until filesystem matches - properties: - enabled: - type: boolean - expectedFS: - type: string - extraVolumeMounts: - description: Adds extra volume mounts. - type: string - resources: - description: Specifies the resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - setDataDirOwnership: - description: Defines the settings related to ownership - of the Redpanda data directory in environments where - root access is restricted. - properties: - enabled: - description: Specifies whether to enable root access. - Enable only in environments where root access is - not allowed, such as minikube. - type: boolean - extraVolumeMounts: - description: Adds extra volume mounts. - type: string - resources: - description: Specifies the resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - setTieredStorageCacheDirOwnership: - description: Defines the settings related to ownership - of the Tiered Storage cache in environments where root - access is restricted. - properties: - extraVolumeMounts: - type: string - resources: - description: ResourceRequirements describes the compute - resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - tuning: - description: Defines settings for the autotuner tool in - Redpanda. The autotuner identifies the hardware configuration - in the container and optimizes the Linux kernel to give - you the best performance. - properties: - ballast_file_path: - description: Specifies the file path for ballast file. - A ballast file is an empty file that takes up disk - space. If Redpanda runs out of disk space and becomes - unavailable, you can delete the ballast file as - a last resort. This clears up some space and gives - you time to delete topics or records and change - your retention properties. - type: string - ballast_file_size: - description: Defines the size of the ballast file. - type: string - extraVolumeMounts: - description: Configures additional volume mounts for - the Pod. - type: string - resources: - description: Sets resource requirements such as CPU - and memory limits. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - tune_aio_events: - description: Specifies whether to increase the number - of allowed asynchronous IO events. - type: boolean - tune_ballast_file: - description: Specifies whether to create the ballast - file. - type: boolean - tune_clocksource: - description: Specifies whether to synchronize NTP. - type: boolean - well_known_io: - description: Specifies the vendor, VM type, and storage - device type that Redpanda runs on, in the format - ::. This hints to Redpanda - which configuration values it should use for the - Redpanda IO scheduler. - type: string - type: object - type: object - livenessProbe: - description: Defines liveness probes to monitor the health - of the Pods and restart them if necessary. - properties: - failureThreshold: - description: Sets the number of consecutive failures required - to consider a Pod as not live. - type: integer - initialDelaySeconds: - description: Specifies the time in seconds to wait before - the first probe is initiated. - type: integer - periodSeconds: - description: Determines the frequency in seconds of performing - the probe. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - nodeSelector: - additionalProperties: - type: string - description: Applies node selectors to schedule Pods on specific - nodes based on labels. - type: object - podAffinity: - description: Defines Pod affinity rules to influence the scheduling - and placement of Pods relative to other Pods. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - podAntiAffinity: - description: Defines Pod anti-affinity rules to prevent Pods - from being scheduled together on the same node. - properties: - custom: - description: Custom configures additional custom anti-affinity - rules. - type: object - x-kubernetes-preserve-unknown-fields: true - topologyKey: - description: TopologyKey specifies the topology key used - to spread Pods across different nodes or other topologies. - type: string - type: - description: Type defines the type of anti-affinity, such - as `soft` or `hard`. - type: string - weight: - description: Weight sets the weight associated with the - soft anti-affinity rule. - type: integer - type: object - podTemplate: - description: |- - PodTemplate is a subset of Kubernetes' PodTemplate that will be merged - into this StatefulSet's PodTemplate. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - spec: - description: |- - PodSpecApplyConfiguration is a wrapper around - [applycorev1.PodSpecApplyConfiguration] that adds support for DeepCopying. - properties: - activeDeadlineSeconds: - format: int64 - type: integer - affinity: - description: |- - AffinityApplyConfiguration represents an declarative configuration of the Affinity type for use - with apply. - properties: - nodeAffinity: - description: |- - NodeAffinityApplyConfiguration represents an declarative configuration of the NodeAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PreferredSchedulingTermApplyConfiguration represents an declarative configuration of the PreferredSchedulingTerm type for use - with apply. - properties: - preference: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - NodeSelectorApplyConfiguration represents an declarative configuration of the NodeSelector type for use - with apply. - properties: - nodeSelectorTerms: - items: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - type: array - type: object - type: object - podAffinity: - description: |- - PodAffinityApplyConfiguration represents an declarative configuration of the PodAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - podAntiAffinity: - description: |- - PodAntiAffinityApplyConfiguration represents an declarative configuration of the PodAntiAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - type: object - automountServiceAccountToken: - type: boolean - containers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - dnsConfig: - description: |- - PodDNSConfigApplyConfiguration represents an declarative configuration of the PodDNSConfig type for use - with apply. - properties: - nameservers: - items: - type: string - type: array - options: - items: - description: |- - PodDNSConfigOptionApplyConfiguration represents an declarative configuration of the PodDNSConfigOption type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - dnsPolicy: - description: DNSPolicy defines how a pod's DNS will - be configured. - type: string - enableServiceLinks: - type: boolean - ephemeralContainers: - items: - description: |- - EphemeralContainerApplyConfiguration represents an declarative configuration of the EphemeralContainer type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - targetContainerName: - type: string - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - hostAliases: - items: - description: |- - HostAliasApplyConfiguration represents an declarative configuration of the HostAlias type for use - with apply. - properties: - hostnames: - items: - type: string - type: array - ip: - type: string - type: object - type: array - hostIPC: - type: boolean - hostNetwork: - type: boolean - hostPID: - type: boolean - hostUsers: - type: boolean - hostname: - type: string - imagePullSecrets: - items: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: array - initContainers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - nodeName: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - os: - description: |- - PodOSApplyConfiguration represents an declarative configuration of the PodOS type for use - with apply. - properties: - name: - description: OSName is the set of OS'es that can - be used in OS. - type: string - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource name, - quantity) pairs. - type: object - preemptionPolicy: - description: PreemptionPolicy describes a policy for - if/when to preempt a pod. - type: string - priority: - format: int32 - type: integer - priorityClassName: - type: string - readinessGates: - items: - description: |- - PodReadinessGateApplyConfiguration represents an declarative configuration of the PodReadinessGate type for use - with apply. - properties: - conditionType: - description: PodConditionType is a valid value - for PodCondition.Type - type: string - type: object - type: array - resourceClaims: - items: - description: |- - PodResourceClaimApplyConfiguration represents an declarative configuration of the PodResourceClaim type for use - with apply. - properties: - name: - type: string - source: - description: |- - ClaimSourceApplyConfiguration represents an declarative configuration of the ClaimSource type for use - with apply. - properties: - resourceClaimName: - type: string - resourceClaimTemplateName: - type: string - type: object - type: object - type: array - restartPolicy: - description: |- - RestartPolicy describes how the container should be restarted. - Only one of the following restart policies may be specified. - If none of the following policies is specified, the default one - is RestartPolicyAlways. - type: string - runtimeClassName: - type: string - schedulerName: - type: string - schedulingGates: - items: - description: |- - PodSchedulingGateApplyConfiguration represents an declarative configuration of the PodSchedulingGate type for use - with apply. - properties: - name: - type: string - type: object - type: array - securityContext: - description: |- - PodSecurityContextApplyConfiguration represents an declarative configuration of the PodSecurityContext type for use - with apply. - properties: - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - description: |- - PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume - when volume is mounted. - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines the - supported seccomp profile types. - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - description: |- - SysctlApplyConfiguration represents an declarative configuration of the Sysctl type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - serviceAccount: - type: string - serviceAccountName: - type: string - setHostnameAsFQDN: - type: boolean - shareProcessNamespace: - type: boolean - subdomain: - type: string - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - description: |- - TolerationApplyConfiguration represents an declarative configuration of the Toleration type for use - with apply. - properties: - effect: - type: string - key: - type: string - operator: - description: A toleration operator is the set - of operators that can be used in a toleration. - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - topologySpreadConstraints: - items: - description: |- - TopologySpreadConstraintApplyConfiguration represents an declarative configuration of the TopologySpreadConstraint type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector operator - is the set of operators that can - be used in a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - maxSkew: - format: int32 - type: integer - minDomains: - format: int32 - type: integer - nodeAffinityPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - nodeTaintsPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - topologyKey: - type: string - whenUnsatisfiable: - type: string - type: object - type: array - volumes: - items: - description: |- - VolumeApplyConfiguration represents an declarative configuration of the Volume type for use - with apply. - properties: - awsElasticBlockStore: - description: |- - AWSElasticBlockStoreVolumeSourceApplyConfiguration represents an declarative configuration of the AWSElasticBlockStoreVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - type: object - azureDisk: - description: |- - AzureDiskVolumeSourceApplyConfiguration represents an declarative configuration of the AzureDiskVolumeSource type for use - with apply. - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - type: object - azureFile: - description: |- - AzureFileVolumeSourceApplyConfiguration represents an declarative configuration of the AzureFileVolumeSource type for use - with apply. - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - type: object - cephfs: - description: |- - CephFSVolumeSourceApplyConfiguration represents an declarative configuration of the CephFSVolumeSource type for use - with apply. - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - cinder: - description: |- - CinderVolumeSourceApplyConfiguration represents an declarative configuration of the CinderVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeID: - type: string - type: object - configMap: - description: |- - ConfigMapVolumeSourceApplyConfiguration represents an declarative configuration of the ConfigMapVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - description: |- - CSIVolumeSourceApplyConfiguration represents an declarative configuration of the CSIVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - type: object - downwardAPI: - description: |- - DownwardAPIVolumeSourceApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - emptyDir: - description: |- - EmptyDirVolumeSourceApplyConfiguration represents an declarative configuration of the EmptyDirVolumeSource type for use - with apply. - properties: - medium: - description: StorageMedium defines ways - that storage can be allocated to a volume. - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: |- - EphemeralVolumeSourceApplyConfiguration represents an declarative configuration of the EphemeralVolumeSource type for use - with apply. - properties: - volumeClaimTemplate: - description: |- - PersistentVolumeClaimTemplateApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimTemplate type for use - with apply. - properties: - metadata: - description: |- - ObjectMetaApplyConfiguration represents an declarative configuration of the ObjectMeta type for use - with apply. - properties: - annotations: - additionalProperties: - type: string - type: object - creationTimestamp: - format: date-time - type: string - deletionGracePeriodSeconds: - format: int64 - type: integer - deletionTimestamp: - format: date-time - type: string - finalizers: - items: - type: string - type: array - generateName: - type: string - generation: - format: int64 - type: integer - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - ownerReferences: - items: - description: |- - OwnerReferenceApplyConfiguration represents an declarative configuration of the OwnerReference type for use - with apply. - properties: - apiVersion: - type: string - blockOwnerDeletion: - type: boolean - controller: - type: boolean - kind: - type: string - name: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - type: array - resourceVersion: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - spec: - description: |- - PersistentVolumeClaimSpecApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimSpec type for use - with apply. - properties: - accessModes: - items: - type: string - type: array - dataSource: - description: |- - TypedLocalObjectReferenceApplyConfiguration represents an declarative configuration of the TypedLocalObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - type: object - dataSourceRef: - description: |- - TypedObjectReferenceApplyConfiguration represents an declarative configuration of the TypedObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - type: object - resources: - description: |- - VolumeResourceRequirementsApplyConfiguration represents an declarative configuration of the VolumeResourceRequirements type for use - with apply. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - type: object - selector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeAttributesClassName: - type: string - volumeMode: - description: PersistentVolumeMode - describes how a volume is intended - to be consumed, either Block or - Filesystem. - type: string - volumeName: - type: string - type: object - type: object - type: object - fc: - description: |- - FCVolumeSourceApplyConfiguration represents an declarative configuration of the FCVolumeSource type for use - with apply. - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - description: |- - FlexVolumeSourceApplyConfiguration represents an declarative configuration of the FlexVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: object - flocker: - description: |- - FlockerVolumeSourceApplyConfiguration represents an declarative configuration of the FlockerVolumeSource type for use - with apply. - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - description: |- - GCEPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the GCEPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - type: object - gitRepo: - description: |- - GitRepoVolumeSourceApplyConfiguration represents an declarative configuration of the GitRepoVolumeSource type for use - with apply. - properties: - directory: - type: string - repository: - type: string - revision: - type: string - type: object - glusterfs: - description: |- - GlusterfsVolumeSourceApplyConfiguration represents an declarative configuration of the GlusterfsVolumeSource type for use - with apply. - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - type: object - hostPath: - description: |- - HostPathVolumeSourceApplyConfiguration represents an declarative configuration of the HostPathVolumeSource type for use - with apply. - properties: - path: - type: string - type: - type: string - type: object - iscsi: - description: |- - ISCSIVolumeSourceApplyConfiguration represents an declarative configuration of the ISCSIVolumeSource type for use - with apply. - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - targetPortal: - type: string - type: object - name: - type: string - nfs: - description: |- - NFSVolumeSourceApplyConfiguration represents an declarative configuration of the NFSVolumeSource type for use - with apply. - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - type: object - persistentVolumeClaim: - description: |- - PersistentVolumeClaimVolumeSourceApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimVolumeSource type for use - with apply. - properties: - claimName: - type: string - readOnly: - type: boolean - type: object - photonPersistentDisk: - description: |- - PhotonPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the PhotonPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - pdID: - type: string - type: object - portworxVolume: - description: |- - PortworxVolumeSourceApplyConfiguration represents an declarative configuration of the PortworxVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - type: object - projected: - description: |- - ProjectedVolumeSourceApplyConfiguration represents an declarative configuration of the ProjectedVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - description: |- - VolumeProjectionApplyConfiguration represents an declarative configuration of the VolumeProjection type for use - with apply. - properties: - clusterTrustBundle: - description: |- - ClusterTrustBundleProjectionApplyConfiguration represents an declarative configuration of the ClusterTrustBundleProjection type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label - selector operator - is the set of operators - that can be used in - a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - optional: - type: boolean - path: - type: string - signerName: - type: string - type: object - configMap: - description: |- - ConfigMapProjectionApplyConfiguration represents an declarative configuration of the ConfigMapProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - description: |- - DownwardAPIProjectionApplyConfiguration represents an declarative configuration of the DownwardAPIProjection type for use - with apply. - properties: - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - secret: - description: |- - SecretProjectionApplyConfiguration represents an declarative configuration of the SecretProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - description: |- - ServiceAccountTokenProjectionApplyConfiguration represents an declarative configuration of the ServiceAccountTokenProjection type for use - with apply. - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - type: object - type: object - type: array - type: object - quobyte: - description: |- - QuobyteVolumeSourceApplyConfiguration represents an declarative configuration of the QuobyteVolumeSource type for use - with apply. - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - type: object - rbd: - description: |- - RBDVolumeSourceApplyConfiguration represents an declarative configuration of the RBDVolumeSource type for use - with apply. - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - scaleIO: - description: |- - ScaleIOVolumeSourceApplyConfiguration represents an declarative configuration of the ScaleIOVolumeSource type for use - with apply. - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - type: object - secret: - description: |- - SecretVolumeSourceApplyConfiguration represents an declarative configuration of the SecretVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - description: |- - StorageOSVolumeSourceApplyConfiguration represents an declarative configuration of the StorageOSVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - description: |- - VsphereVirtualDiskVolumeSourceApplyConfiguration represents an declarative configuration of the VsphereVirtualDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - type: object - type: object - type: array - type: object - type: object - priorityClassName: - description: Defines the priority class name to assign priority - levels to the Pods, influencing their scheduling order. - type: string - readinessProbe: - description: Defines readiness probes to determine when a - Pod is ready to handle traffic. - properties: - failureThreshold: - description: Defines the threshold for how many times - the probe can fail before the Pod is marked Unready. - type: integer - initialDelaySeconds: - description: Sets the initial delay before the readiness - probe is initiated, in seconds. - type: integer - periodSeconds: - description: Configures the period, in seconds, between - each readiness check. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - replicas: - description: Specifies the number of replicas to determine - the desired number of Pods (Redpanda brokers) in the StatefulSet. - type: integer - securityContext: - description: Sets a security context for the Pods to define - privilege and access control settings. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of - the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - sideCars: - description: Defines the additional sidecar containers that - run alongside the main Redpanda container in the Pod. - properties: - configWatcher: - description: Configures the `config-watcher` sidecar. - The `config-watcher` sidecar polls the Secret resource - in `auth.sasl.secretRef` for changes and triggers a - rolling upgrade to add the new superusers to the Redpanda - cluster. - properties: - enabled: - description: Specifies whether the sidecar is enabled. - type: boolean - extraVolumeMounts: - description: Specifies additional volumes to mount - to the sidecar. - type: string - resources: - description: Specifies resource requests for the sidecar - container. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - securityContext: - description: Specifies the container's security context, - including privileges and access levels of the container - and its processes. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - controllers: - description: RPControllers configures additional controllers - that can be deployed as sidecars in rp helm - properties: - createRBAC: - type: boolean - enabled: - description: Specifies whether the Controllers are - enabled. - type: boolean - healthProbeAddress: - type: string - image: - description: RedpandaImage configures the Redpanda - container image settings in the Helm values. - properties: - pullPolicy: - description: Specifies the strategy used for pulling - images from the repository. For available values, - see https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy. - type: string - repository: - description: Specifies the image repository to - pull from. - type: string - tag: - description: Specifies the image tag. - type: string - type: object - metricsAddress: - type: string - resources: - description: ResourceRequirements describes the compute - resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - run: - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds security configuration that will be applied to a container. - Some fields are present in both SecurityContext and PodSecurityContext. When both - are set, the values in SecurityContext take precedence. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - rpkStatus: - description: SideCarObj represents a generic sidecar object. - This is a placeholder for now. - properties: - enabled: - type: boolean - resources: - description: ResourceRequirements describes the compute - resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - securityContext: - description: |- - SecurityContext holds security configuration that will be applied to a container. - Some fields are present in both SecurityContext and PodSecurityContext. When both - are set, the values in SecurityContext take precedence. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - type: object - skipChown: - description: Specifies whether to skip the changing of file - ownership (chown) during Pod initialization. - type: boolean - startupProbe: - description: Configures the startup probe to determine when - the Redpanda application within the Pod has started successfully. - properties: - failureThreshold: - description: Determines the failure threshold to mark - the application in the Pod as not started. - type: integer - initialDelaySeconds: - description: Specifies the delay in seconds before the - startup probe begins. - type: integer - periodSeconds: - description: Sets the period in seconds for conducting - subsequent probes. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - terminationGracePeriodSeconds: - description: Specifies the termination grace period in seconds - to control the time delay before forcefully terminating - a Pod. - type: integer - tolerations: - description: Applies tolerations to allow Pods to be scheduled - on nodes with matching taints, enabling control over where - Pods can run. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: Defines topology spread constraints to control - how Pods are spread across different topology domains. - items: - description: TopologySpreadConstraints configures topology - spread constraints to control how Pods are spread across - different topology domains. - properties: - maxSkew: - description: Defines the maximum skew between the number - of Pods in any two topology domains. - type: integer - topologyKey: - description: Specifies the topology key to use for spreading - Pods. - type: string - whenUnsatisfiable: - description: Sets the policy for how to handle unsatisfiable - constraints, such as `DoNotSchedule` or `ScheduleAnyway`. - type: string - type: object - type: array - updateStrategy: - description: Defines the update strategy for the StatefulSet - to manage how updates are rolled out to the Pods. - properties: - type: - description: Defines the strategy type for updating the - StatefulSet, such as `RollingUpdate` or `OnDelete`. - type: string - type: object - type: object - storage: - description: Defines storage settings for the Redpanda data directory - and the Tiered Storage cache. - properties: - hostPath: - description: Specifies the absolute path on the worker node - to store the Redpanda data directory. If unspecified, then - an `emptyDir` volume is used. If specified but `persistentVolume.enabled` - is true, `storage.hostPath` has no effect. - type: string - persistentVolume: - description: Configures a PersistentVolumeClaim (PVC) template - to create for each Pod. This PVC is used to store the Redpanda - data directory. - properties: - annotations: - additionalProperties: - type: string - description: Adds annotations to the PersistentVolumeClaims - to provide additional information or metadata that can - be used by other tools or libraries. - type: object - enabled: - description: Specifies whether to enable the Helm chart - to create PersistentVolumeClaims for Pods. - type: boolean - labels: - additionalProperties: - type: string - description: Applies labels to the PersistentVolumeClaims - to facilitate identification and selection based on - custom criteria. - type: object - nameOverwrite: - description: Option to change volume claim template name - for tiered storage persistent volume if tiered.mountType - is set to `persistentVolume` - type: string - size: - anyOf: - - type: integer - - type: string - description: Specifies the storage capacity required. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - storageClass: - description: Specifies the StorageClass for the PersistentVolumeClaims - to determine how PersistentVolumes are provisioned and - managed. - type: string - type: object - tiered: - description: Configures storage for the Tiered Storage cache. - properties: - config: - description: Configures Tiered Storage, which requires - an Enterprise license configured in `enterprise.licenseKey` - or `enterprised.licenseSecretRef`. - properties: - cloud_storage_api_endpoint: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_api_endpoint. - type: string - cloud_storage_api_endpoint_port: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_api_endpoint_port. - type: integer - cloud_storage_azure_adls_endpoint: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_adls_endpoint. - type: string - cloud_storage_azure_adls_port: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_adls_port. - type: integer - cloud_storage_azure_container: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_container. - type: string - cloud_storage_azure_managed_identity_id: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_managed_identity_id. - type: string - cloud_storage_azure_shared_key: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_shared_key. - type: string - cloud_storage_azure_storage_account: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_storage_account. - type: string - cloud_storage_bucket: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_bucket. - type: string - cloud_storage_cache_check_interval: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_cache_check_interval. - type: integer - cloud_storage_cache_directory: - description: See https://docs.redpanda.com/current/reference/node-properties/#cloud_storage_cache_directory. - type: string - cloud_storage_cache_size: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_cache_size. - type: string - cloud_storage_credentials_source: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_credentials_source. - type: string - cloud_storage_disable_tls: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_disable_tls. - type: boolean - cloud_storage_enable_remote_read: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_enable_remote_read. - type: boolean - cloud_storage_enable_remote_write: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_enable_remote_write. - type: boolean - cloud_storage_enabled: - description: Enables Tiered Storage, if a license - key is provided. See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_enabled. - x-kubernetes-preserve-unknown-fields: true - cloud_storage_initial_backoff_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_initial_backoff_ms. - type: integer - cloud_storage_manifest_upload_timeout_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_manifest_upload_timeout_ms. - type: integer - cloud_storage_max_connection_idle_time_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_max_connection_idle_time_ms. - type: integer - cloud_storage_max_connections: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_max_connections. - type: integer - cloud_storage_reconciliation_interval_ms: - description: 'Deprecated: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_reconciliation_interval_ms.' - type: integer - cloud_storage_region: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_region. - type: string - cloud_storage_segment_max_upload_interval_sec: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_segment_max_upload_interval_sec. - type: integer - cloud_storage_segment_upload_timeout_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_segment_upload_timeout_ms. - type: integer - cloud_storage_trust_file: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_trust_file. - type: string - cloud_storage_upload_ctrl_d_coeff: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_d_coeff. - type: integer - cloud_storage_upload_ctrl_max_shares: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_max_shares. - type: integer - cloud_storage_upload_ctrl_min_shares: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_min_shares. - type: integer - cloud_storage_upload_ctrl_p_coeff: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_p_coeff. - type: integer - cloud_storage_upload_ctrl_update_interval_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_update_interval_ms. - type: integer - type: object - credentialsSecretRef: - description: CredentialSecretRef can be used to set `cloud_storage_secret_key` - and/or `cloud_storage_access_key` from referenced Kubernetes - Secret - properties: - accessKey: - properties: - configurationKey: - type: string - key: - type: string - name: - type: string - type: object - secretKey: - properties: - configurationKey: - type: string - key: - type: string - name: - type: string - type: object - type: object - hostPath: - description: Specifies the absolute path on the worker - node to store the Tiered Storage cache. - type: string - mountType: - description: |- - mountType can be one of: - - - `none`: Does not mount a volume. Tiered storage will use the same volume as the one defined for the Redpanda data directory. - - `hostPath`: Uses the path specified in `hostPath` on the worker node that the Pod is running on. - - `emptyDir`: Mounts an empty directory every time the Pod starts. - - `persistentVolume`: Creates and mounts a PersistentVolumeClaim using the template defined in `persistentVolume`. - type: string - persistentVolume: - description: Configures a PersistentVolumeClaim (PVC) - template to create for each Pod. This PVC is used to - store the Tiered Storage cache. - properties: - annotations: - additionalProperties: - type: string - description: Adds annotations to the PersistentVolumeClaims - to provide additional information or metadata that - can be used by other tools or libraries. - type: object - enabled: - description: Specifies whether to enable the Helm - chart to create PersistentVolumeClaims for Pods. - type: boolean - labels: - additionalProperties: - type: string - description: Applies labels to the PersistentVolumeClaims - to facilitate identification and selection based - on custom criteria. - type: object - nameOverwrite: - description: Option to change volume claim template - name for tiered storage persistent volume if tiered.mountType - is set to `persistentVolume` - type: string - size: - anyOf: - - type: integer - - type: string - description: Specifies the storage capacity required. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - storageClass: - description: Specifies the StorageClass for the PersistentVolumeClaims - to determine how PersistentVolumes are provisioned - and managed. - type: string - type: object - type: object - type: object - tests: - properties: - enabled: - type: boolean - type: object - tls: - description: Defines TLS settings for listeners. - properties: - certs: - additionalProperties: - description: Certificate configures TLS certificates. - properties: - applyInternalDNSNames: - description: Specifies you wish to have Kubernetes internal - dns names (IE the headless service of the redpanda - StatefulSet) included in `dnsNames` of the certificate - even, when supplying an issuer. - type: boolean - caEnabled: - description: Specifies whether to include the `ca.crt` - file in the trust stores of all listeners. Set to - `true` only for certificates that are not authenticated - using public certificate authorities (CAs). - type: boolean - clientSecretRef: - description: Specify the name of an existing Secret - resource that contains your client TLS certificate. - properties: - name: - description: Specifies the name of the Secret resource. - type: string - type: object - duration: - description: Specifies the validity duration of certificates - generated with `issuerRef`. - type: string - enabled: - type: boolean - issuerRef: - description: Specify the name of an existing Issuer - or ClusterIssuer resource to use to generate certificates. - Requires cert-manager. See https://cert-manager.io/v1.1-docs. - properties: - group: - type: string - kind: - description: Specifies the kind of resource. One - of `Issuer` or `ClusterIssuer`. - type: string - name: - description: Specifies the name of the resource. - type: string - type: object - secretRef: - description: Specify the name of an existing Secret - resource that contains your TLS certificate. - properties: - name: - description: Specifies the name of the Secret resource. - type: string - type: object - type: object - description: Lists all available certificates in the cluster. - You can reference a specific certificate’s name in each - listener’s `listeners..tls.cert` setting. - type: object - enabled: - description: Enables TLS globally for all listeners. Each - listener must include a certificate name in its `.tls` - object. To allow you to enable TLS for individual listeners, - certificates are always loaded, even if TLS is disabled. - type: boolean - type: object - tolerations: - description: Specifies tolerations to allow Pods to be scheduled - onto nodes where they otherwise wouldn’t. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - tuning: - description: Defines settings for the autotuner tool in Redpanda. - The autotuner identifies the hardware configuration in the container - and optimizes the Linux kernel to give you the best performance. - properties: - ballast_file_path: - description: Specifies the file path for ballast file. A ballast - file is an empty file that takes up disk space. If Redpanda - runs out of disk space and becomes unavailable, you can - delete the ballast file as a last resort. This clears up - some space and gives you time to delete topics or records - and change your retention properties. - type: string - ballast_file_size: - description: Defines the size of the ballast file. - type: string - extraVolumeMounts: - description: Configures additional volume mounts for the Pod. - type: string - resources: - description: Sets resource requirements such as CPU and memory - limits. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - tune_aio_events: - description: Specifies whether to increase the number of allowed - asynchronous IO events. - type: boolean - tune_ballast_file: - description: Specifies whether to create the ballast file. - type: boolean - tune_clocksource: - description: Specifies whether to synchronize NTP. - type: boolean - well_known_io: - description: Specifies the vendor, VM type, and storage device - type that Redpanda runs on, in the format ::. - This hints to Redpanda which configuration values it should - use for the Redpanda IO scheduler. - type: string - type: object - type: object - migration: - description: Deprecated and Removed in v2.2.3-24.2.X. Downgrade to - v2.2.2-24.2.4 perform the migration - properties: - clusterRef: - description: |- - ClusterRef by default will not be able to reach different namespaces, but it can be - overwritten by adding ClusterRole and ClusterRoleBinding to operator ServiceAccount. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - consoleRef: - description: |- - ConsoleRef by default will not be able to reach different namespaces, but it can be - overwritten by adding ClusterRole and ClusterRoleBinding to operator ServiceAccount. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - enabled: - type: boolean - required: - - clusterRef - - consoleRef - - enabled - type: object - type: object - status: - description: Represents the current status of the Redpanda cluster. - properties: - conditions: - description: Conditions holds the conditions for the Redpanda. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - decommissioningNode: - description: |- - ManagedDecommissioningNode indicates that a node is currently being - decommissioned from the cluster and provides its ordinal number. - format: int32 - type: integer - failures: - description: |- - Failures is the reconciliation failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmRelease: - type: string - helmReleaseReady: - type: boolean - helmRepository: - type: string - helmRepositoryReady: - type: boolean - installFailures: - format: int64 - type: integer - lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully - applied source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - license: - description: |- - LicenseStatus contains information about the current state of any - installed license in the Redpanda cluster. - properties: - expiration: - format: date-time - type: string - expired: - type: boolean - inUseFeatures: - items: - type: string - type: array - organization: - type: string - type: - type: string - violation: - type: boolean - required: - - inUseFeatures - - violation - type: object - observedGeneration: - description: Specifies the last observed generation. - format: int64 - type: integer - upgradeFailures: - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="ClusterLicenseValid")].message - name: License - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - description: Redpanda defines the CRD for Redpanda clusters. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Defines the desired state of the Redpanda cluster. - properties: - chartRef: - description: Defines chart details, including the version and repository. - properties: - chartName: - description: Specifies the name of the chart to deploy. - type: string - chartVersion: - description: Defines the version of the Redpanda Helm chart to - deploy. - type: string - helmRepositoryName: - description: Defines the chart repository to use. Defaults to - `redpanda` if not defined. - type: string - timeout: - description: |- - Specifies the time to wait for any individual Kubernetes operation (like Jobs - for hooks) during Helm actions. Defaults to `15m0s`. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - upgrade: - description: Defines how to handle upgrades, including failures. - properties: - cleanupOnFail: - description: Specifies whether to perform cleanup in case - of failed upgrades. - type: boolean - force: - description: Enables forceful updates during an upgrade. - type: boolean - preserveValues: - description: Specifies whether to preserve user-configured - values during an upgrade. - type: boolean - remediation: - description: Specifies the actions to take on upgrade failures. - See https://pkg.go.dev/github.com/fluxcd/helm-controller/api/v2beta1#UpgradeRemediation. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an upgrade action but fail. - Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using 'Strategy', is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. - Defaults to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - type: object - useFlux: - description: |- - NOTE! Alpha feature - UseFlux flag set to `false` will prevent helm controller from reconciling helm chart. The operator would be - tight with `go` based Redpanda helm chart version. The rest of the ChartRef fields would be ignored. - - Before setting UseFlux flag to `false` please align your ChartVersion to `5.9.15` or `` - version of the Redpanda chart. - - RedpandaStatus might not be accurate if flag is set to `false` and HelmRelease is manually deleted. - - To achieve dynamic switch for Flux controllers (HelmRelease and HelmRepository) the resources - would not be removed, but they will be put in suspended mode (if flag is provided and set to `false`). - - https://fluxcd.io/flux/components/helm/helmreleases/#suspend - https://fluxcd.io/flux/components/source/helmrepositories/#suspend - type: boolean - type: object - clusterSpec: - description: Defines the Helm values to use to deploy the cluster. - properties: - affinity: - description: |- - Affinity constraints for scheduling Pods, can override this for - StatefulSets and Jobs. For details, see the [Kubernetes - documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for - the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated with - the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, etc. - as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - type: object - auditLogging: - description: Defines the log level settings. - properties: - clientMaxBufferSize: - description: Defines the number of bytes (in bytes) allocated - by the internal audit client for audit messages. - type: integer - enabled: - description: Specifies whether to enable audit logging or - not - type: boolean - enabledEventTypes: - description: Event types that should be captured by audit - logs - items: - type: string - type: array - excludedPrincipals: - description: List of principals to exclude from auditing - items: - type: string - type: array - excludedTopics: - description: List of topics to exclude from auditing - items: - type: string - type: array - listener: - description: Kafka external listener name, note that it must - have `authenticationMethod` set to sasl - type: string - partitions: - description: Integer value defining the number of partitions - used by a newly created audit topic - type: integer - queueDrainIntervalMs: - description: In ms, frequency in which per shard audit logs - are batched to client for write to audit log. - type: integer - queueMaxBufferSizePerShard: - description: Defines the maximum amount of memory used (in - bytes) by the audit buffer in each shard - type: integer - replicationFactor: - description: |- - Defines the replication factor for a newly created audit log topic. This configuration applies - only to the audit log topic and may be different from the cluster or other topic configurations. - This cannot be altered for existing audit log topics. Setting this value is optional. If a value is not provided, - Redpanda will use the `internal_topic_replication_factor` cluster config value. Default is `null` - type: integer - type: object - auth: - description: Defines authentication settings for listeners. - properties: - sasl: - description: Configures SASL authentication in the Helm values. - properties: - bootstrapUser: - description: Specifies configuration about the bootstrap - user. - properties: - mechanism: - description: Specifies the authentication mechanism - to use for the bootstrap user. Options are `SCRAM-SHA-256` - and `SCRAM-SHA-512`. - type: string - name: - description: |- - Name specifies the name of the bootstrap user created for the cluster, if unspecified - defaults to "kubernetes-controller". - type: string - secretKeyRef: - description: |- - Specifies the location where the generated password will be written or a pre-existing - password will be read from. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - enabled: - description: Enables SASL authentication. If you enable - SASL authentication, you must provide a Secret name - in `secretRef`. - type: boolean - mechanism: - description: Specifies the default authentication mechanism - to use for superusers. Options are `SCRAM-SHA-256` and - `SCRAM-SHA-512`. - type: string - secretRef: - description: If `users` is empty, `secretRef` specifies - the name of the Secret that contains your superuser - credentials in the format ::. - Otherwise, `secretRef` specifies the name of the Secret - that the chart creates to store the credentials in `users`. - type: string - users: - description: Specifies a list of superuser credentials. - items: - description: UsersItems configures a list of superusers - in the Helm values. - properties: - mechanism: - description: Specifies the authentication mechanism - to use for superusers. Overrides the default in - `SASL`. Options are `SCRAM-SHA-256` and `SCRAM-SHA-512`. - type: string - name: - description: Specifies the name of the superuser. - type: string - password: - description: Specifies the superuser password. - type: string - type: object - type: array - type: object - type: object - clusterDomain: - description: Customizes the Kubernetes cluster domain. This domain - is used to generate the internal domains of the StatefulSet - Pods. For details, see https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id. - The default is the `cluster.local` domain. - type: string - commonLabels: - additionalProperties: - type: string - description: Assigns custom labels to all resources generated - by the Redpanda Helm chart. Specify labels as key/value pairs. - type: object - config: - description: Defines configuration properties supported by Redpanda - that may not work correctly in a Kubernetes cluster. Changing - these values from the defaults comes with some risk. Use these - properties to customize various Redpanda configurations that - are not available in the `RedpandaClusterSpec`. These values - have no impact on the configuration or behavior of the Kubernetes - objects deployed by Helm, and therefore should not be modified - for the purpose of configuring those objects. Instead, these - settings get passed directly to the Redpanda binary at startup. - properties: - cluster: - description: Specifies cluster configuration properties. See - https://docs.redpanda.com/current/reference/cluster-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - node: - description: Specifies broker configuration properties. See - https://docs.redpanda.com/current/reference/node-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - pandaproxy_client: - description: Specifies tunable configuration properties. See - https://docs.redpanda.com/current/reference/tunable-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - rpk: - description: Specifies cluster configuration properties. See - https://docs.redpanda.com/current/reference/cluster-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - schema_registry_client: - description: Specifies tunable configuration properties. See - https://docs.redpanda.com/current/reference/tunable-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - tunable: - description: Specifies tunable configuration properties. See - https://docs.redpanda.com/current/reference/tunable-properties/. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - connectors: - description: Defines Redpanda Connector settings. - properties: - auth: - description: Specifies superuser credentials - type: object - x-kubernetes-preserve-unknown-fields: true - commonLabels: - additionalProperties: - type: string - description: Assigns custom labels to all resources generated - by the Connector Helm chart. Specify labels as key/value - pairs. - type: object - connectors: - description: Connectors specified manual configurations - type: object - x-kubernetes-preserve-unknown-fields: true - container: - description: Specifies container information - type: object - x-kubernetes-preserve-unknown-fields: true - deployment: - description: Connectors specified manual configurations - type: object - x-kubernetes-preserve-unknown-fields: true - enabled: - type: boolean - fullnameOverride: - description: Specifies a full custom name, which overrides - the entire naming convention including release name and - chart name. - type: string - image: - description: Defines the container image settings to use for - the Redpanda cluster. - properties: - pullPolicy: - description: Specifies the strategy used for pulling images - from the repository. For available values, see https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy. - type: string - repository: - description: Specifies the image repository to pull from. - type: string - tag: - description: Specifies the image tag. - type: string - type: object - imagePullSecrets: - description: Specifies credentials for a private image repository. - For details, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/. - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - logging: - description: Specifies logging details - type: object - x-kubernetes-preserve-unknown-fields: true - monitoring: - description: Specifies monitoring resources - properties: - annotations: - additionalProperties: - type: string - description: Adds custom Annotations to the ServiceMonitor - resource. - type: object - enabled: - description: Specifies whether to create a ServiceMonitor - that can be used by Prometheus Operator or VictoriaMetrics - Operator to scrape the metrics. - type: boolean - labels: - additionalProperties: - type: string - description: Adds custom labels to the ServiceMonitor - resource. - type: object - namespaceSelector: - description: Adds custom namespaceSelector to monitoring - resources - properties: - any: - description: |- - Boolean describing whether all namespaces are selected in contrast to a - list restricting them. - type: boolean - matchNames: - description: List of namespace names to select from. - items: - type: string - type: array - type: object - x-kubernetes-preserve-unknown-fields: true - scrapeInterval: - description: Specifies how often to scrape metrics. - type: string - type: object - nameOverride: - description: Specifies a custom name for the Redpanda Console - resources, overriding the default naming convention. - type: string - service: - description: Specifies service details - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccount: - description: Specifies service account details - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: Specifies storage information - type: object - x-kubernetes-preserve-unknown-fields: true - test: - description: Specifies whether to create Helm tests. - properties: - create: - description: Specifies whether to create the resource. - type: boolean - enabled: - description: |- - Deprecated: this field exists for storage backwards compatibility and is - never used. Prefer Create. - type: boolean - type: object - tolerations: - description: Applies tolerations to allow Pods to be scheduled - on nodes with matching taints, enabling control over where - Pods can run. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - type: object - console: - description: Defines Redpanda Console settings. - properties: - affinity: - description: Defines affinity rules for Pod assignment. - type: object - x-kubernetes-preserve-unknown-fields: true - annotations: - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: Automount API credentials for the Service Account - into the pod. - type: boolean - autoscaling: - description: Configures Horizontal Pod Autoscaling (HPA) for - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - commonLabels: - additionalProperties: - type: string - type: object - configMap: - description: Specifies whether a ConfigMap should be created - for Redpanda Console. - properties: - create: - description: Indicates whether the corresponding Kubernetes - object (ConfigMap, Secret, or Deployment) should be - created. - type: boolean - type: object - configmap: - description: |- - Deprecated: this field exists for storage backwards compatibility and is - never used. Prefer ConfigMap (configmap). - properties: - create: - description: Indicates whether the corresponding Kubernetes - object (ConfigMap, Secret, or Deployment) should be - created. - type: boolean - type: object - console: - description: Configures custom settings for Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - deployment: - description: Specifies whether a Deployment should be created - for Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - enabled: - description: Specifies whether the Redpanda Console subchart - should be deployed. - type: boolean - enterprise: - description: |- - Settings for license key, as an alternative to secret.enterprise when a - license secret is available - type: object - x-kubernetes-preserve-unknown-fields: true - extraContainers: - description: Adds extra containers to the Pods that run Redpanda - Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - extraEnv: - description: Adds extra environment variables to the Pods - that run Redpanda Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - extraEnvFrom: - description: Allows you to add extra environment variables - from external resources to the Pods that run Redpanda Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - extraVolumeMounts: - description: Mounts additional volumes inside the containers - that run Redpanda Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - extraVolumes: - description: Adds extra volumes to the Pods that run Redpanda - Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - fullnameOverride: - description: Specifies a full custom name, which overrides - the entire naming convention including release name and - chart name. - type: string - image: - description: Defines the container image for the Redpanda - Console, including the repository, name, and tag. - type: object - x-kubernetes-preserve-unknown-fields: true - imagePullSecrets: - description: Defines Secrets used to pull the container images - from a private registry. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - ingress: - description: Configures the Kubernetes Ingress resource for - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - initContainers: - description: Specifies init containers for the Pods that run - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - livenessProbe: - description: Settings for console's Deployment's liveness - probe. - properties: - failureThreshold: - description: Sets the number of consecutive failures required - to consider a Pod as not live. - type: integer - initialDelaySeconds: - description: Specifies the time in seconds to wait before - the first probe is initiated. - type: integer - periodSeconds: - description: Determines the frequency in seconds of performing - the probe. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - nameOverride: - description: Specifies a custom name for the Redpanda Console - resources, overriding the default naming convention. - type: string - nodeSelector: - description: Specifies Node labels for Pod assignment. - type: object - x-kubernetes-preserve-unknown-fields: true - podAnnotations: - description: Adds custom annotations to the Pods that run - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - podLabels: - description: Adds custom labels to the Pods that run Redpanda - Console. - type: object - x-kubernetes-preserve-unknown-fields: true - podSecurityContext: - type: object - x-kubernetes-preserve-unknown-fields: true - priorityClassName: - description: Specifies the priority class name for the Pods - that run Redpanda Console. - type: string - readinessProbe: - description: Settings for console's Deployment's readiness - probe. - properties: - failureThreshold: - description: Defines the threshold for how many times - the probe can fail before the Pod is marked Unready. - type: integer - initialDelaySeconds: - description: Sets the initial delay before the readiness - probe is initiated, in seconds. - type: integer - periodSeconds: - description: Configures the period, in seconds, between - each readiness check. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - replicaCount: - description: Sets the number of replicas for the Redpanda - Console Deployment resource. - type: integer - resources: - description: Configures resource requests and limits for the - Pods that run Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - secret: - description: Specifies whether a Secret should be created - for Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - secretMounts: - description: Mounts additional Secret resources inside the - containers that run Redpanda Console. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: Sets the security context for the Pods that run - Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - service: - description: Configures the Kubernetes Service for Redpanda - Console. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccount: - description: Configures the ServiceAccount used by the Pods - that run Redpanda Console. - type: object - x-kubernetes-preserve-unknown-fields: true - strategy: - description: Configures console's Deployment's update strategy. - type: object - x-kubernetes-preserve-unknown-fields: true - tests: - description: Controls the creation of helm tests for console. - properties: - enabled: - type: boolean - type: object - tolerations: - description: Specifies tolerations for scheduling Pods onto - Nodes with taints. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: Specifies topology spread constraints for Pod - placement. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - enterprise: - description: Defines an Enterprise license. - properties: - license: - description: Specifies the Enterprise license key. - type: string - licenseSecretRef: - description: Defines a reference to a Secret resource that - contains the Enterprise license key. - properties: - key: - description: Specifies the key that is contains the Enterprise - license in the Secret. - type: string - name: - description: Specifies the name of the Secret resource - to use. - type: string - type: object - type: object - external: - description: Defines external access settings. - properties: - addresses: - description: Specifies addresses for the external listeners - to advertise.Provide one entry for each broker in order - of StatefulSet replicas. The number of brokers is defined - in `statefulset.replicas`. The values can be IP addresses - or DNS names. If `external.domain` is set, the domain is - appended to these values. - items: - type: string - type: array - annotations: - additionalProperties: - type: string - description: Adds custom annotations to the external Service. - type: object - domain: - description: Specifies the domain to advertise to external - clients. If specified, then it will be appended to the `external.addresses` - values as each broker's advertised address. - type: string - enabled: - description: Specifies whether the external access is enabled. - type: boolean - externalDns: - description: Defines externalDNS configurations. - properties: - enabled: - description: Specifies whether externalDNS annotations - are added to LoadBalancer Services. If you enable externalDns, - each LoadBalancer Service defined in `external.type` - will be annotated with an external-dns hostname that - matches `external.addresses[i]`.`external.domain`. - type: boolean - type: object - prefixTemplate: - description: Specifies a naming prefix template for external - Services. - type: string - service: - description: Configures the external Service resource. - properties: - enabled: - description: Specifies whether to create the external - Service. If set to `false`, the external Service type - is not created. You can still set your cluster with - external access but not create the supporting Service. - Set this to `false` to manage your own Service. - type: boolean - type: object - sourceRanges: - description: Source range for external access. Only applicable - when `external.type` is LoadBalancer. - items: - type: string - type: array - type: - description: Specifies the external Service type. Only NodePort - and LoadBalancer are supported. If undefined, then advertised - listeners will be configured in Redpanda, but the Helm chart - will not create a Service. NodePort is recommended in cases - where latency is a priority. - type: string - type: object - force: - description: |- - Adds the `--force` flag in `helm upgrade` commands. Used for allowing a change of TLS configuration for the RPC listener. - Setting `force` to `true` will result in a short period of downtime. - type: boolean - fullNameOverride: - description: 'Deprecated: use FullnameOverride (fullnameOverride).' - type: string - fullnameOverride: - description: Customizes the name of the StatefulSet and Services. - The default is `redpanda`. - type: string - image: - description: Defines the container image settings to use for the - Redpanda cluster. - properties: - pullPolicy: - description: Specifies the strategy used for pulling images - from the repository. For available values, see https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy. - type: string - repository: - description: Specifies the image repository to pull from. - type: string - tag: - description: Specifies the image tag. - type: string - type: object - imagePullSecrets: - description: Specifies credentials for a private image repository. - For details, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/. - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - license_key: - description: 'Deprecated: Use `Enterprise` instead.' - type: string - license_secret_ref: - description: 'Deprecated: Use `EnterpriseLicenseSecretRef` instead.' - properties: - secret_key: - description: Specifies the key that is contains the Enterprise - license in the Secret. - type: string - secret_name: - description: Specifies the name of the Secret. - type: string - type: object - listeners: - description: Defines settings for listeners, including HTTP Proxy, - Schema Registry, the Admin API and the Kafka API. - properties: - admin: - description: Configures settings for the Admin API listeners. - properties: - appProtocol: - type: string - external: - additionalProperties: - description: ExternalListener configures settings for - the external listeners. - properties: - advertisedPorts: - description: Specifies the network port that the - external Service listens on. - items: - type: integer - type: array - authenticationMethod: - description: Specifies the authentication method - for the external listener. For example, 'mtls_identity' - or `sasl`. - type: string - enabled: - type: boolean - nodePort: - format: int32 - type: integer - port: - description: Specifies the container port number - for the external listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field - accepts a string template that dynamically constructs - Service addresses based on various parameters - such as Service name and port number. - type: string - tls: - description: Configures TLS settings for the external - listener. - properties: - cert: - description: References a specific certificate - for the listener. - type: string - enabled: - description: Specifies whether TLS is enabled - for the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a - key of a Secret. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - description: Defines settings for the external listener. - type: object - port: - description: Specifies the container port number for the - internal listener. - type: integer - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - http: - description: Configures settings for the HTTP Proxy listeners. - properties: - authenticationMethod: - description: Specifies the authentication method for the - external listener. For example, 'mtls_identity' or `sasl`. - type: string - enabled: - description: Specifies whether the HTTP Proxy is enabled. - type: boolean - external: - additionalProperties: - description: ExternalListener configures settings for - the external listeners. - properties: - advertisedPorts: - description: Specifies the network port that the - external Service listens on. - items: - type: integer - type: array - authenticationMethod: - description: Specifies the authentication method - for the external listener. For example, 'mtls_identity' - or `sasl`. - type: string - enabled: - type: boolean - nodePort: - format: int32 - type: integer - port: - description: Specifies the container port number - for the external listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field - accepts a string template that dynamically constructs - Service addresses based on various parameters - such as Service name and port number. - type: string - tls: - description: Configures TLS settings for the external - listener. - properties: - cert: - description: References a specific certificate - for the listener. - type: string - enabled: - description: Specifies whether TLS is enabled - for the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a - key of a Secret. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - description: Defines settings for the external listener. - type: object - kafkaEndpoint: - description: Configures the listener to use for HTTP connections. - For example `default` for the internal listener. - type: string - port: - description: Specifies the container port number for the - internal listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field accepts - a string template that dynamically constructs Service - addresses based on various parameters such as Service - name and port number. - type: string - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - kafka: - description: Configures settings for the Kafka API listeners. - properties: - authenticationMethod: - description: Specifies the authentication method for the - external listener. For example, 'mtls_identity' or `sasl`. - type: string - external: - additionalProperties: - description: ExternalListener configures settings for - the external listeners. - properties: - advertisedPorts: - description: Specifies the network port that the - external Service listens on. - items: - type: integer - type: array - authenticationMethod: - description: Specifies the authentication method - for the external listener. For example, 'mtls_identity' - or `sasl`. - type: string - enabled: - type: boolean - nodePort: - format: int32 - type: integer - port: - description: Specifies the container port number - for the external listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field - accepts a string template that dynamically constructs - Service addresses based on various parameters - such as Service name and port number. - type: string - tls: - description: Configures TLS settings for the external - listener. - properties: - cert: - description: References a specific certificate - for the listener. - type: string - enabled: - description: Specifies whether TLS is enabled - for the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a - key of a Secret. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - description: Defines settings for the external listener. - type: object - port: - description: Specifies the container port number for the - internal listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field accepts - a string template that dynamically constructs Service - addresses based on various parameters such as Service - name and port number. - type: string - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - rpc: - description: Configures settings for the RPC API listener. - properties: - port: - description: Specifies the container port number for the - internal listener. - type: integer - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - schemaRegistry: - description: Configures settings for the Schema Registry listeners. - properties: - authenticationMethod: - description: Specifies the authentication method for the - external listener. For example, 'mtls_identity' or `sasl`. - type: string - enabled: - description: Specifies whether the Schema Registry is - enabled. - type: boolean - external: - additionalProperties: - description: ExternalListener configures settings for - the external listeners. - properties: - advertisedPorts: - description: Specifies the network port that the - external Service listens on. - items: - type: integer - type: array - authenticationMethod: - description: Specifies the authentication method - for the external listener. For example, 'mtls_identity' - or `sasl`. - type: string - enabled: - type: boolean - nodePort: - format: int32 - type: integer - port: - description: Specifies the container port number - for the external listener. - type: integer - prefixTemplate: - description: Specifies the template used for generating - the advertised addresses of Services. This field - accepts a string template that dynamically constructs - Service addresses based on various parameters - such as Service name and port number. - type: string - tls: - description: Configures TLS settings for the external - listener. - properties: - cert: - description: References a specific certificate - for the listener. - type: string - enabled: - description: Specifies whether TLS is enabled - for the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a - key of a Secret. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - description: Defines settings for the external listener. - type: object - kafkaEndpoint: - description: Configures the listener to use for HTTP connections. - For example `default` for the internal listener. - type: string - port: - description: Specifies the container port number for the - internal listener. - type: integer - tls: - description: Configures TLS settings for the internal - listener. - properties: - cert: - description: References a specific certificate for - the listener. - type: string - enabled: - description: Specifies whether TLS is enabled for - the listener. - type: boolean - requireClientAuth: - description: Indicates whether client authentication - (mTLS) is required. - type: boolean - secretRef: - description: |- - References a Secret resource containing TLS credentials for the listener. - - Deprecated: Setting SecretRef has no affect and will be removed in - future releases. - type: string - trustStore: - description: |- - TrustStore allows setting the `truststore_path` on this listener. If - specified, this field takes precedence over [Certificate.CAEnabled]. - maxProperties: 1 - minProperties: 1 - properties: - configMapKeyRef: - description: Selects a key from a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: SecretKeySelector selects a key of - a Secret. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: object - type: object - type: object - logging: - description: Defines the log level settings. - properties: - logLevel: - description: Sets the verbosity level of logs. - type: string - usageStats: - description: Specifies whether to send usage statistics to - Redpanda Data. - properties: - clusterId: - description: Specifies the ID of your Redpanda cluster. - type: string - enabled: - description: Specifies whether usage reporting is enabled. - type: boolean - organization: - description: |- - Specifies the name of the organization using the software. This can be useful for identifying and segmenting usage data by organization, if usage reporting is enabled. - Deprecated: This value is no longer respected in the redpanda helm chart - and will be removed in a future version. - type: string - type: object - type: object - monitoring: - description: Defines settings for monitoring Redpanda. - properties: - enableHttp2: - type: boolean - enabled: - description: Specifies whether to create a ServiceMonitor - that can be used by Prometheus Operator or VictoriaMetrics - Operator to scrape the metrics. - type: boolean - labels: - additionalProperties: - type: string - description: Adds custom labels to the ServiceMonitor resource. - type: object - scrapeInterval: - description: Specifies how often to scrape metrics. - type: string - tlsConfig: - description: Specifies tls configuration properties. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - nameOverride: - description: Customizes the labels `app.kubernetes.io/component=-statefulset` - and `app.kubernetes.io/name=` on the StatefulSet - Pods. The default is `redpanda`. - type: string - nodeSelector: - additionalProperties: - type: string - description: Specifies on which nodes a Pod should be scheduled. - These key/value pairs ensure that Pods are scheduled onto nodes - with the specified labels. - type: object - post_install_job: - description: Defines settings for the post-install hook, which - runs after each install or upgrade. For example, this job is - responsible for setting the Enterprise license, if specified. - properties: - affinity: - description: |- - Affinity constraints for scheduling Pods. For details, see the - [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). - properties: - nodeAffinity: - description: Describes node affinity scheduling rules - for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching - the corresponding nodeSelectorTerm, in the - range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector - terms. The terms are ORed. - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, - etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - type: object - annotations: - additionalProperties: - type: string - description: Adds annotations to the job to provide additional - information or metadata that can be used by other tools - or libraries. - type: object - enabled: - description: Specifies whether the job is deployed. - type: boolean - labels: - additionalProperties: - type: string - description: Applies labels to the job to facilitate identification - and selection based on custom criteria. - type: object - podTemplate: - description: |- - PodTemplate is a subset of Kubernetes' PodTemplate that will be merged - into this Job's PodTemplate. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - spec: - description: |- - PodSpecApplyConfiguration is a wrapper around - [applycorev1.PodSpecApplyConfiguration] that adds support for DeepCopying. - properties: - activeDeadlineSeconds: - format: int64 - type: integer - affinity: - description: |- - AffinityApplyConfiguration represents an declarative configuration of the Affinity type for use - with apply. - properties: - nodeAffinity: - description: |- - NodeAffinityApplyConfiguration represents an declarative configuration of the NodeAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PreferredSchedulingTermApplyConfiguration represents an declarative configuration of the PreferredSchedulingTerm type for use - with apply. - properties: - preference: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - NodeSelectorApplyConfiguration represents an declarative configuration of the NodeSelector type for use - with apply. - properties: - nodeSelectorTerms: - items: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - type: array - type: object - type: object - podAffinity: - description: |- - PodAffinityApplyConfiguration represents an declarative configuration of the PodAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - podAntiAffinity: - description: |- - PodAntiAffinityApplyConfiguration represents an declarative configuration of the PodAntiAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - type: object - automountServiceAccountToken: - type: boolean - containers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - dnsConfig: - description: |- - PodDNSConfigApplyConfiguration represents an declarative configuration of the PodDNSConfig type for use - with apply. - properties: - nameservers: - items: - type: string - type: array - options: - items: - description: |- - PodDNSConfigOptionApplyConfiguration represents an declarative configuration of the PodDNSConfigOption type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - dnsPolicy: - description: DNSPolicy defines how a pod's DNS will - be configured. - type: string - enableServiceLinks: - type: boolean - ephemeralContainers: - items: - description: |- - EphemeralContainerApplyConfiguration represents an declarative configuration of the EphemeralContainer type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - targetContainerName: - type: string - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - hostAliases: - items: - description: |- - HostAliasApplyConfiguration represents an declarative configuration of the HostAlias type for use - with apply. - properties: - hostnames: - items: - type: string - type: array - ip: - type: string - type: object - type: array - hostIPC: - type: boolean - hostNetwork: - type: boolean - hostPID: - type: boolean - hostUsers: - type: boolean - hostname: - type: string - imagePullSecrets: - items: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: array - initContainers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - nodeName: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - os: - description: |- - PodOSApplyConfiguration represents an declarative configuration of the PodOS type for use - with apply. - properties: - name: - description: OSName is the set of OS'es that can - be used in OS. - type: string - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource name, - quantity) pairs. - type: object - preemptionPolicy: - description: PreemptionPolicy describes a policy for - if/when to preempt a pod. - type: string - priority: - format: int32 - type: integer - priorityClassName: - type: string - readinessGates: - items: - description: |- - PodReadinessGateApplyConfiguration represents an declarative configuration of the PodReadinessGate type for use - with apply. - properties: - conditionType: - description: PodConditionType is a valid value - for PodCondition.Type - type: string - type: object - type: array - resourceClaims: - items: - description: |- - PodResourceClaimApplyConfiguration represents an declarative configuration of the PodResourceClaim type for use - with apply. - properties: - name: - type: string - source: - description: |- - ClaimSourceApplyConfiguration represents an declarative configuration of the ClaimSource type for use - with apply. - properties: - resourceClaimName: - type: string - resourceClaimTemplateName: - type: string - type: object - type: object - type: array - restartPolicy: - description: |- - RestartPolicy describes how the container should be restarted. - Only one of the following restart policies may be specified. - If none of the following policies is specified, the default one - is RestartPolicyAlways. - type: string - runtimeClassName: - type: string - schedulerName: - type: string - schedulingGates: - items: - description: |- - PodSchedulingGateApplyConfiguration represents an declarative configuration of the PodSchedulingGate type for use - with apply. - properties: - name: - type: string - type: object - type: array - securityContext: - description: |- - PodSecurityContextApplyConfiguration represents an declarative configuration of the PodSecurityContext type for use - with apply. - properties: - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - description: |- - PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume - when volume is mounted. - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines the - supported seccomp profile types. - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - description: |- - SysctlApplyConfiguration represents an declarative configuration of the Sysctl type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - serviceAccount: - type: string - serviceAccountName: - type: string - setHostnameAsFQDN: - type: boolean - shareProcessNamespace: - type: boolean - subdomain: - type: string - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - description: |- - TolerationApplyConfiguration represents an declarative configuration of the Toleration type for use - with apply. - properties: - effect: - type: string - key: - type: string - operator: - description: A toleration operator is the set - of operators that can be used in a toleration. - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - topologySpreadConstraints: - items: - description: |- - TopologySpreadConstraintApplyConfiguration represents an declarative configuration of the TopologySpreadConstraint type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector operator - is the set of operators that can - be used in a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - maxSkew: - format: int32 - type: integer - minDomains: - format: int32 - type: integer - nodeAffinityPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - nodeTaintsPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - topologyKey: - type: string - whenUnsatisfiable: - type: string - type: object - type: array - volumes: - items: - description: |- - VolumeApplyConfiguration represents an declarative configuration of the Volume type for use - with apply. - properties: - awsElasticBlockStore: - description: |- - AWSElasticBlockStoreVolumeSourceApplyConfiguration represents an declarative configuration of the AWSElasticBlockStoreVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - type: object - azureDisk: - description: |- - AzureDiskVolumeSourceApplyConfiguration represents an declarative configuration of the AzureDiskVolumeSource type for use - with apply. - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - type: object - azureFile: - description: |- - AzureFileVolumeSourceApplyConfiguration represents an declarative configuration of the AzureFileVolumeSource type for use - with apply. - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - type: object - cephfs: - description: |- - CephFSVolumeSourceApplyConfiguration represents an declarative configuration of the CephFSVolumeSource type for use - with apply. - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - cinder: - description: |- - CinderVolumeSourceApplyConfiguration represents an declarative configuration of the CinderVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeID: - type: string - type: object - configMap: - description: |- - ConfigMapVolumeSourceApplyConfiguration represents an declarative configuration of the ConfigMapVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - description: |- - CSIVolumeSourceApplyConfiguration represents an declarative configuration of the CSIVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - type: object - downwardAPI: - description: |- - DownwardAPIVolumeSourceApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - emptyDir: - description: |- - EmptyDirVolumeSourceApplyConfiguration represents an declarative configuration of the EmptyDirVolumeSource type for use - with apply. - properties: - medium: - description: StorageMedium defines ways - that storage can be allocated to a volume. - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: |- - EphemeralVolumeSourceApplyConfiguration represents an declarative configuration of the EphemeralVolumeSource type for use - with apply. - properties: - volumeClaimTemplate: - description: |- - PersistentVolumeClaimTemplateApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimTemplate type for use - with apply. - properties: - metadata: - description: |- - ObjectMetaApplyConfiguration represents an declarative configuration of the ObjectMeta type for use - with apply. - properties: - annotations: - additionalProperties: - type: string - type: object - creationTimestamp: - format: date-time - type: string - deletionGracePeriodSeconds: - format: int64 - type: integer - deletionTimestamp: - format: date-time - type: string - finalizers: - items: - type: string - type: array - generateName: - type: string - generation: - format: int64 - type: integer - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - ownerReferences: - items: - description: |- - OwnerReferenceApplyConfiguration represents an declarative configuration of the OwnerReference type for use - with apply. - properties: - apiVersion: - type: string - blockOwnerDeletion: - type: boolean - controller: - type: boolean - kind: - type: string - name: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - type: array - resourceVersion: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - spec: - description: |- - PersistentVolumeClaimSpecApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimSpec type for use - with apply. - properties: - accessModes: - items: - type: string - type: array - dataSource: - description: |- - TypedLocalObjectReferenceApplyConfiguration represents an declarative configuration of the TypedLocalObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - type: object - dataSourceRef: - description: |- - TypedObjectReferenceApplyConfiguration represents an declarative configuration of the TypedObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - type: object - resources: - description: |- - VolumeResourceRequirementsApplyConfiguration represents an declarative configuration of the VolumeResourceRequirements type for use - with apply. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - type: object - selector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeAttributesClassName: - type: string - volumeMode: - description: PersistentVolumeMode - describes how a volume is intended - to be consumed, either Block or - Filesystem. - type: string - volumeName: - type: string - type: object - type: object - type: object - fc: - description: |- - FCVolumeSourceApplyConfiguration represents an declarative configuration of the FCVolumeSource type for use - with apply. - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - description: |- - FlexVolumeSourceApplyConfiguration represents an declarative configuration of the FlexVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: object - flocker: - description: |- - FlockerVolumeSourceApplyConfiguration represents an declarative configuration of the FlockerVolumeSource type for use - with apply. - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - description: |- - GCEPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the GCEPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - type: object - gitRepo: - description: |- - GitRepoVolumeSourceApplyConfiguration represents an declarative configuration of the GitRepoVolumeSource type for use - with apply. - properties: - directory: - type: string - repository: - type: string - revision: - type: string - type: object - glusterfs: - description: |- - GlusterfsVolumeSourceApplyConfiguration represents an declarative configuration of the GlusterfsVolumeSource type for use - with apply. - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - type: object - hostPath: - description: |- - HostPathVolumeSourceApplyConfiguration represents an declarative configuration of the HostPathVolumeSource type for use - with apply. - properties: - path: - type: string - type: - type: string - type: object - iscsi: - description: |- - ISCSIVolumeSourceApplyConfiguration represents an declarative configuration of the ISCSIVolumeSource type for use - with apply. - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - targetPortal: - type: string - type: object - name: - type: string - nfs: - description: |- - NFSVolumeSourceApplyConfiguration represents an declarative configuration of the NFSVolumeSource type for use - with apply. - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - type: object - persistentVolumeClaim: - description: |- - PersistentVolumeClaimVolumeSourceApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimVolumeSource type for use - with apply. - properties: - claimName: - type: string - readOnly: - type: boolean - type: object - photonPersistentDisk: - description: |- - PhotonPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the PhotonPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - pdID: - type: string - type: object - portworxVolume: - description: |- - PortworxVolumeSourceApplyConfiguration represents an declarative configuration of the PortworxVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - type: object - projected: - description: |- - ProjectedVolumeSourceApplyConfiguration represents an declarative configuration of the ProjectedVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - description: |- - VolumeProjectionApplyConfiguration represents an declarative configuration of the VolumeProjection type for use - with apply. - properties: - clusterTrustBundle: - description: |- - ClusterTrustBundleProjectionApplyConfiguration represents an declarative configuration of the ClusterTrustBundleProjection type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label - selector operator - is the set of operators - that can be used in - a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - optional: - type: boolean - path: - type: string - signerName: - type: string - type: object - configMap: - description: |- - ConfigMapProjectionApplyConfiguration represents an declarative configuration of the ConfigMapProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - description: |- - DownwardAPIProjectionApplyConfiguration represents an declarative configuration of the DownwardAPIProjection type for use - with apply. - properties: - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - secret: - description: |- - SecretProjectionApplyConfiguration represents an declarative configuration of the SecretProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - description: |- - ServiceAccountTokenProjectionApplyConfiguration represents an declarative configuration of the ServiceAccountTokenProjection type for use - with apply. - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - type: object - type: object - type: array - type: object - quobyte: - description: |- - QuobyteVolumeSourceApplyConfiguration represents an declarative configuration of the QuobyteVolumeSource type for use - with apply. - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - type: object - rbd: - description: |- - RBDVolumeSourceApplyConfiguration represents an declarative configuration of the RBDVolumeSource type for use - with apply. - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - scaleIO: - description: |- - ScaleIOVolumeSourceApplyConfiguration represents an declarative configuration of the ScaleIOVolumeSource type for use - with apply. - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - type: object - secret: - description: |- - SecretVolumeSourceApplyConfiguration represents an declarative configuration of the SecretVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - description: |- - StorageOSVolumeSourceApplyConfiguration represents an declarative configuration of the StorageOSVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - description: |- - VsphereVirtualDiskVolumeSourceApplyConfiguration represents an declarative configuration of the VsphereVirtualDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - type: object - type: object - type: array - type: object - type: object - resources: - description: Sets resource requirements (CPU, memory) for - the job to ensure proper allocation and limit resource usage. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - securityContext: - description: |- - SecurityContext is deprecated. Prefer [PodTemplate.Spec.SecurityContext] - or [PodTemplate.Spec.Containers[*].SecurityContext]. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of - the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - post_upgrade_job: - description: Defines settings for the post-upgrade hook, which - runs after each update. For example, this job is responsible - for setting cluster configuration properties and restarting - services such as Schema Registry, if required. - properties: - affinity: - description: |- - Affinity constraints for scheduling Pods. For details, see the - [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). - properties: - nodeAffinity: - description: Describes node affinity scheduling rules - for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated - with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching - the corresponding nodeSelectorTerm, in the - range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector - terms. The terms are ORed. - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - properties: - key: - description: The label key that the - selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, - etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - type: object - annotations: - additionalProperties: - type: string - description: Adds annotations to the job to provide additional - information or metadata that can be used by other tools - or libraries. - type: object - backoffLimit: - format: int32 - type: integer - enabled: - description: Specifies whether the job is deployed. - type: boolean - extraEnv: - description: Adds environment variables to the job container - to configure its runtime behavior. - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - extraEnvFrom: - description: Specifies environment variables from external - sources, such as ConfigMap resources, or Secret resources, - to dynamically configure the job. - items: - description: EnvFromSource represents the source of a set - of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each - key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be - defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - labels: - additionalProperties: - type: string - description: Applies labels to the job to facilitate identification - and selection based on custom criteria. - type: object - podTemplate: - description: |- - PodTemplate is a subset of Kubernetes' PodTemplate that will be merged - into this Job's PodTemplate. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - spec: - description: |- - PodSpecApplyConfiguration is a wrapper around - [applycorev1.PodSpecApplyConfiguration] that adds support for DeepCopying. - properties: - activeDeadlineSeconds: - format: int64 - type: integer - affinity: - description: |- - AffinityApplyConfiguration represents an declarative configuration of the Affinity type for use - with apply. - properties: - nodeAffinity: - description: |- - NodeAffinityApplyConfiguration represents an declarative configuration of the NodeAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PreferredSchedulingTermApplyConfiguration represents an declarative configuration of the PreferredSchedulingTerm type for use - with apply. - properties: - preference: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - NodeSelectorApplyConfiguration represents an declarative configuration of the NodeSelector type for use - with apply. - properties: - nodeSelectorTerms: - items: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - type: array - type: object - type: object - podAffinity: - description: |- - PodAffinityApplyConfiguration represents an declarative configuration of the PodAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - podAntiAffinity: - description: |- - PodAntiAffinityApplyConfiguration represents an declarative configuration of the PodAntiAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - type: object - automountServiceAccountToken: - type: boolean - containers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - dnsConfig: - description: |- - PodDNSConfigApplyConfiguration represents an declarative configuration of the PodDNSConfig type for use - with apply. - properties: - nameservers: - items: - type: string - type: array - options: - items: - description: |- - PodDNSConfigOptionApplyConfiguration represents an declarative configuration of the PodDNSConfigOption type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - dnsPolicy: - description: DNSPolicy defines how a pod's DNS will - be configured. - type: string - enableServiceLinks: - type: boolean - ephemeralContainers: - items: - description: |- - EphemeralContainerApplyConfiguration represents an declarative configuration of the EphemeralContainer type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - targetContainerName: - type: string - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - hostAliases: - items: - description: |- - HostAliasApplyConfiguration represents an declarative configuration of the HostAlias type for use - with apply. - properties: - hostnames: - items: - type: string - type: array - ip: - type: string - type: object - type: array - hostIPC: - type: boolean - hostNetwork: - type: boolean - hostPID: - type: boolean - hostUsers: - type: boolean - hostname: - type: string - imagePullSecrets: - items: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: array - initContainers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - nodeName: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - os: - description: |- - PodOSApplyConfiguration represents an declarative configuration of the PodOS type for use - with apply. - properties: - name: - description: OSName is the set of OS'es that can - be used in OS. - type: string - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource name, - quantity) pairs. - type: object - preemptionPolicy: - description: PreemptionPolicy describes a policy for - if/when to preempt a pod. - type: string - priority: - format: int32 - type: integer - priorityClassName: - type: string - readinessGates: - items: - description: |- - PodReadinessGateApplyConfiguration represents an declarative configuration of the PodReadinessGate type for use - with apply. - properties: - conditionType: - description: PodConditionType is a valid value - for PodCondition.Type - type: string - type: object - type: array - resourceClaims: - items: - description: |- - PodResourceClaimApplyConfiguration represents an declarative configuration of the PodResourceClaim type for use - with apply. - properties: - name: - type: string - source: - description: |- - ClaimSourceApplyConfiguration represents an declarative configuration of the ClaimSource type for use - with apply. - properties: - resourceClaimName: - type: string - resourceClaimTemplateName: - type: string - type: object - type: object - type: array - restartPolicy: - description: |- - RestartPolicy describes how the container should be restarted. - Only one of the following restart policies may be specified. - If none of the following policies is specified, the default one - is RestartPolicyAlways. - type: string - runtimeClassName: - type: string - schedulerName: - type: string - schedulingGates: - items: - description: |- - PodSchedulingGateApplyConfiguration represents an declarative configuration of the PodSchedulingGate type for use - with apply. - properties: - name: - type: string - type: object - type: array - securityContext: - description: |- - PodSecurityContextApplyConfiguration represents an declarative configuration of the PodSecurityContext type for use - with apply. - properties: - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - description: |- - PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume - when volume is mounted. - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines the - supported seccomp profile types. - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - description: |- - SysctlApplyConfiguration represents an declarative configuration of the Sysctl type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - serviceAccount: - type: string - serviceAccountName: - type: string - setHostnameAsFQDN: - type: boolean - shareProcessNamespace: - type: boolean - subdomain: - type: string - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - description: |- - TolerationApplyConfiguration represents an declarative configuration of the Toleration type for use - with apply. - properties: - effect: - type: string - key: - type: string - operator: - description: A toleration operator is the set - of operators that can be used in a toleration. - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - topologySpreadConstraints: - items: - description: |- - TopologySpreadConstraintApplyConfiguration represents an declarative configuration of the TopologySpreadConstraint type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector operator - is the set of operators that can - be used in a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - maxSkew: - format: int32 - type: integer - minDomains: - format: int32 - type: integer - nodeAffinityPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - nodeTaintsPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - topologyKey: - type: string - whenUnsatisfiable: - type: string - type: object - type: array - volumes: - items: - description: |- - VolumeApplyConfiguration represents an declarative configuration of the Volume type for use - with apply. - properties: - awsElasticBlockStore: - description: |- - AWSElasticBlockStoreVolumeSourceApplyConfiguration represents an declarative configuration of the AWSElasticBlockStoreVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - type: object - azureDisk: - description: |- - AzureDiskVolumeSourceApplyConfiguration represents an declarative configuration of the AzureDiskVolumeSource type for use - with apply. - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - type: object - azureFile: - description: |- - AzureFileVolumeSourceApplyConfiguration represents an declarative configuration of the AzureFileVolumeSource type for use - with apply. - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - type: object - cephfs: - description: |- - CephFSVolumeSourceApplyConfiguration represents an declarative configuration of the CephFSVolumeSource type for use - with apply. - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - cinder: - description: |- - CinderVolumeSourceApplyConfiguration represents an declarative configuration of the CinderVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeID: - type: string - type: object - configMap: - description: |- - ConfigMapVolumeSourceApplyConfiguration represents an declarative configuration of the ConfigMapVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - description: |- - CSIVolumeSourceApplyConfiguration represents an declarative configuration of the CSIVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - type: object - downwardAPI: - description: |- - DownwardAPIVolumeSourceApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - emptyDir: - description: |- - EmptyDirVolumeSourceApplyConfiguration represents an declarative configuration of the EmptyDirVolumeSource type for use - with apply. - properties: - medium: - description: StorageMedium defines ways - that storage can be allocated to a volume. - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: |- - EphemeralVolumeSourceApplyConfiguration represents an declarative configuration of the EphemeralVolumeSource type for use - with apply. - properties: - volumeClaimTemplate: - description: |- - PersistentVolumeClaimTemplateApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimTemplate type for use - with apply. - properties: - metadata: - description: |- - ObjectMetaApplyConfiguration represents an declarative configuration of the ObjectMeta type for use - with apply. - properties: - annotations: - additionalProperties: - type: string - type: object - creationTimestamp: - format: date-time - type: string - deletionGracePeriodSeconds: - format: int64 - type: integer - deletionTimestamp: - format: date-time - type: string - finalizers: - items: - type: string - type: array - generateName: - type: string - generation: - format: int64 - type: integer - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - ownerReferences: - items: - description: |- - OwnerReferenceApplyConfiguration represents an declarative configuration of the OwnerReference type for use - with apply. - properties: - apiVersion: - type: string - blockOwnerDeletion: - type: boolean - controller: - type: boolean - kind: - type: string - name: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - type: array - resourceVersion: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - spec: - description: |- - PersistentVolumeClaimSpecApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimSpec type for use - with apply. - properties: - accessModes: - items: - type: string - type: array - dataSource: - description: |- - TypedLocalObjectReferenceApplyConfiguration represents an declarative configuration of the TypedLocalObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - type: object - dataSourceRef: - description: |- - TypedObjectReferenceApplyConfiguration represents an declarative configuration of the TypedObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - type: object - resources: - description: |- - VolumeResourceRequirementsApplyConfiguration represents an declarative configuration of the VolumeResourceRequirements type for use - with apply. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - type: object - selector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeAttributesClassName: - type: string - volumeMode: - description: PersistentVolumeMode - describes how a volume is intended - to be consumed, either Block or - Filesystem. - type: string - volumeName: - type: string - type: object - type: object - type: object - fc: - description: |- - FCVolumeSourceApplyConfiguration represents an declarative configuration of the FCVolumeSource type for use - with apply. - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - description: |- - FlexVolumeSourceApplyConfiguration represents an declarative configuration of the FlexVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: object - flocker: - description: |- - FlockerVolumeSourceApplyConfiguration represents an declarative configuration of the FlockerVolumeSource type for use - with apply. - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - description: |- - GCEPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the GCEPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - type: object - gitRepo: - description: |- - GitRepoVolumeSourceApplyConfiguration represents an declarative configuration of the GitRepoVolumeSource type for use - with apply. - properties: - directory: - type: string - repository: - type: string - revision: - type: string - type: object - glusterfs: - description: |- - GlusterfsVolumeSourceApplyConfiguration represents an declarative configuration of the GlusterfsVolumeSource type for use - with apply. - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - type: object - hostPath: - description: |- - HostPathVolumeSourceApplyConfiguration represents an declarative configuration of the HostPathVolumeSource type for use - with apply. - properties: - path: - type: string - type: - type: string - type: object - iscsi: - description: |- - ISCSIVolumeSourceApplyConfiguration represents an declarative configuration of the ISCSIVolumeSource type for use - with apply. - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - targetPortal: - type: string - type: object - name: - type: string - nfs: - description: |- - NFSVolumeSourceApplyConfiguration represents an declarative configuration of the NFSVolumeSource type for use - with apply. - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - type: object - persistentVolumeClaim: - description: |- - PersistentVolumeClaimVolumeSourceApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimVolumeSource type for use - with apply. - properties: - claimName: - type: string - readOnly: - type: boolean - type: object - photonPersistentDisk: - description: |- - PhotonPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the PhotonPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - pdID: - type: string - type: object - portworxVolume: - description: |- - PortworxVolumeSourceApplyConfiguration represents an declarative configuration of the PortworxVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - type: object - projected: - description: |- - ProjectedVolumeSourceApplyConfiguration represents an declarative configuration of the ProjectedVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - description: |- - VolumeProjectionApplyConfiguration represents an declarative configuration of the VolumeProjection type for use - with apply. - properties: - clusterTrustBundle: - description: |- - ClusterTrustBundleProjectionApplyConfiguration represents an declarative configuration of the ClusterTrustBundleProjection type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label - selector operator - is the set of operators - that can be used in - a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - optional: - type: boolean - path: - type: string - signerName: - type: string - type: object - configMap: - description: |- - ConfigMapProjectionApplyConfiguration represents an declarative configuration of the ConfigMapProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - description: |- - DownwardAPIProjectionApplyConfiguration represents an declarative configuration of the DownwardAPIProjection type for use - with apply. - properties: - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - secret: - description: |- - SecretProjectionApplyConfiguration represents an declarative configuration of the SecretProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - description: |- - ServiceAccountTokenProjectionApplyConfiguration represents an declarative configuration of the ServiceAccountTokenProjection type for use - with apply. - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - type: object - type: object - type: array - type: object - quobyte: - description: |- - QuobyteVolumeSourceApplyConfiguration represents an declarative configuration of the QuobyteVolumeSource type for use - with apply. - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - type: object - rbd: - description: |- - RBDVolumeSourceApplyConfiguration represents an declarative configuration of the RBDVolumeSource type for use - with apply. - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - scaleIO: - description: |- - ScaleIOVolumeSourceApplyConfiguration represents an declarative configuration of the ScaleIOVolumeSource type for use - with apply. - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - type: object - secret: - description: |- - SecretVolumeSourceApplyConfiguration represents an declarative configuration of the SecretVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - description: |- - StorageOSVolumeSourceApplyConfiguration represents an declarative configuration of the StorageOSVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - description: |- - VsphereVirtualDiskVolumeSourceApplyConfiguration represents an declarative configuration of the VsphereVirtualDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - type: object - type: object - type: array - type: object - type: object - resources: - description: Sets resource requirements (CPU, memory) for - the job to ensure proper allocation and limit resource usage. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - securityContext: - description: |- - SecurityContext is deprecated. Prefer [PodTemplate.Spec.SecurityContext] - or [PodTemplate.Spec.Containers[*].SecurityContext]. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of - the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - rackAwareness: - description: Defines rack awareness settings. - properties: - enabled: - description: Specifies whether rack awareness is enabled. - When enabled, Kubernetes failure zones are treated as racks. - Redpanda maps each rack to a failure zone and places partition - replicas across them. Requires `rbac.enabled` set to `true`. - type: boolean - nodeAnnotation: - description: Specifies the key in Node labels or annotations - to use to denote failure zones. - type: string - type: object - rbac: - description: Defines Role Based Access Control (RBAC) settings. - properties: - annotations: - additionalProperties: - type: string - description: Adds custom annotations to the RBAC resources. - type: object - enabled: - description: Whether RBAC is enabled. Enable for features - that need extra privileges, such as rack awareness. If you - use the Redpanda Operator, you must deploy it with the `--set - rbac.createRPKBundleCRs=true` flag to give it the required - ClusterRoles. - type: boolean - type: object - resources: - description: Defines container resource settings. - properties: - cpu: - description: Specifies the number of CPU cores. - properties: - cores: - anyOf: - - type: integer - - type: string - description: 'Specifies the number of CPU cores available - to the application. Redpanda makes use of a thread per - core model. For details, see https://docs.redpanda.com/current/get-started/architecture/#thread-per-core-model. - For this reason, Redpanda should only be given full - cores. Note: You can increase cores, but decreasing - cores is not currently supported. See the GitHub issue:https://github.com/redpanda-data/redpanda/issues/350. - This setting is equivalent to `--smp`, `resources.requests.cpu`, - and `resources.limits.cpu`. For production, use `4` - or greater.' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - overprovisioned: - description: 'Specifies whether Redpanda assumes it has - all of the provisioned CPU. This should be `true` unless - the container has CPU affinity. Equivalent to: `--idle-poll-time-us - 0`, `--thread-affinity 0`, and `--poll-aio 0`. If the - value of full cores in `resources.cpu.cores` is less - than `1`, this setting is set to `true`.' - type: boolean - type: object - memory: - description: Specifies the amount of memory. - properties: - container: - description: Defines resource limits for containers. - properties: - max: - anyOf: - - type: integer - - type: string - description: Specifies the maximum resources that - can be allocated to a container. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - min: - anyOf: - - type: integer - - type: string - description: Specifies the minimum resources required - for a container. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - enable_memory_locking: - description: Enables memory locking. For production, set - to `true`. - type: boolean - redpanda: - description: Allows you to optionally specify the memory - size for both the Redpanda process and the underlying - reserved memory used by Seastar. - properties: - memory: - anyOf: - - type: integer - - type: string - description: Memory for the Redpanda process. This - must be lower than the container's memory (`resources.memory.container.min` - if provided, otherwise `resources.memory.container.max`). - Equivalent to `--memory`. For production, use 8Gi - or greater. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - reserveMemory: - anyOf: - - type: integer - - type: string - description: Memory reserved for the OS. Any value - above 1Gi will provide diminishing performance benefits. - Equivalent to `--reserve-memory`. For production, - use 1Gi. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - type: object - service: - description: Defines settings for the headless ClusterIP Service. - properties: - internal: - properties: - annotations: - additionalProperties: - type: string - type: object - type: object - name: - type: string - type: object - serviceAccount: - description: Defines Service account settings. - properties: - annotations: - additionalProperties: - type: string - description: Adds custom annotations to the ServiceAccount - resources. - type: object - automountServiceAccountToken: - description: Specifies whether a service account should automount - API-Credentials - type: boolean - create: - description: Specifies whether a ServiceAccount should be - created. - type: boolean - name: - description: Specifies the name of the ServiceAccount. - type: string - type: object - statefulset: - description: Defines settings for the StatefulSet that manages - Redpanda brokers. - properties: - additionalRedpandaCmdFlags: - description: Includes additional command flags for Redpanda - at startup to customize its runtime behavior. - items: - type: string - type: array - additionalSelectorLabels: - additionalProperties: - type: string - type: object - annotations: - additionalProperties: - type: string - description: |- - Adds annotations to the StatefulSet to provide additional information or metadata. - Please use PodTemplate to add additional annotation or labels for Pods managed by Statefulset. - type: object - budget: - description: Defines the management of disruptions affecting - the Pods in the StatefulSet. - properties: - maxUnavailable: - description: Defines the maximum number of Pods that can - be unavailable during a voluntary disruption. - type: integer - type: object - extraVolumeMounts: - description: Specifies extra volume mounts for the Pods. - type: string - extraVolumes: - description: Defines additional volumes for the Pods. - type: string - initContainerImage: - description: Defines the init container image used to perform - initial setup tasks before the main containers start. - properties: - repository: - type: string - tag: - type: string - type: object - initContainers: - description: Configures the init container used to perform - initial setup tasks before the main containers start. - properties: - configurator: - properties: - extraVolumeMounts: - type: string - resources: - description: ResourceRequirements describes the compute - resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - extraInitContainers: - type: string - fsValidator: - description: Defines the setting for init container that - not allow to start Redpanda until filesystem matches - properties: - enabled: - type: boolean - expectedFS: - type: string - extraVolumeMounts: - description: Adds extra volume mounts. - type: string - resources: - description: Specifies the resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - setDataDirOwnership: - description: Defines the settings related to ownership - of the Redpanda data directory in environments where - root access is restricted. - properties: - enabled: - description: Specifies whether to enable root access. - Enable only in environments where root access is - not allowed, such as minikube. - type: boolean - extraVolumeMounts: - description: Adds extra volume mounts. - type: string - resources: - description: Specifies the resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - setTieredStorageCacheDirOwnership: - description: Defines the settings related to ownership - of the Tiered Storage cache in environments where root - access is restricted. - properties: - extraVolumeMounts: - type: string - resources: - description: ResourceRequirements describes the compute - resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - type: object - tuning: - description: Defines settings for the autotuner tool in - Redpanda. The autotuner identifies the hardware configuration - in the container and optimizes the Linux kernel to give - you the best performance. - properties: - ballast_file_path: - description: Specifies the file path for ballast file. - A ballast file is an empty file that takes up disk - space. If Redpanda runs out of disk space and becomes - unavailable, you can delete the ballast file as - a last resort. This clears up some space and gives - you time to delete topics or records and change - your retention properties. - type: string - ballast_file_size: - description: Defines the size of the ballast file. - type: string - extraVolumeMounts: - description: Configures additional volume mounts for - the Pod. - type: string - resources: - description: Sets resource requirements such as CPU - and memory limits. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - tune_aio_events: - description: Specifies whether to increase the number - of allowed asynchronous IO events. - type: boolean - tune_ballast_file: - description: Specifies whether to create the ballast - file. - type: boolean - tune_clocksource: - description: Specifies whether to synchronize NTP. - type: boolean - well_known_io: - description: Specifies the vendor, VM type, and storage - device type that Redpanda runs on, in the format - ::. This hints to Redpanda - which configuration values it should use for the - Redpanda IO scheduler. - type: string - type: object - type: object - livenessProbe: - description: Defines liveness probes to monitor the health - of the Pods and restart them if necessary. - properties: - failureThreshold: - description: Sets the number of consecutive failures required - to consider a Pod as not live. - type: integer - initialDelaySeconds: - description: Specifies the time in seconds to wait before - the first probe is initiated. - type: integer - periodSeconds: - description: Determines the frequency in seconds of performing - the probe. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - nodeSelector: - additionalProperties: - type: string - description: Applies node selectors to schedule Pods on specific - nodes based on labels. - type: object - podAffinity: - description: Defines Pod affinity rules to influence the scheduling - and placement of Pods relative to other Pods. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - x-kubernetes-list-type: atomic - type: object - podAntiAffinity: - description: Defines Pod anti-affinity rules to prevent Pods - from being scheduled together on the same node. - properties: - custom: - description: Custom configures additional custom anti-affinity - rules. - type: object - x-kubernetes-preserve-unknown-fields: true - topologyKey: - description: TopologyKey specifies the topology key used - to spread Pods across different nodes or other topologies. - type: string - type: - description: Type defines the type of anti-affinity, such - as `soft` or `hard`. - type: string - weight: - description: Weight sets the weight associated with the - soft anti-affinity rule. - type: integer - type: object - podTemplate: - description: |- - PodTemplate is a subset of Kubernetes' PodTemplate that will be merged - into this StatefulSet's PodTemplate. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - spec: - description: |- - PodSpecApplyConfiguration is a wrapper around - [applycorev1.PodSpecApplyConfiguration] that adds support for DeepCopying. - properties: - activeDeadlineSeconds: - format: int64 - type: integer - affinity: - description: |- - AffinityApplyConfiguration represents an declarative configuration of the Affinity type for use - with apply. - properties: - nodeAffinity: - description: |- - NodeAffinityApplyConfiguration represents an declarative configuration of the NodeAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PreferredSchedulingTermApplyConfiguration represents an declarative configuration of the PreferredSchedulingTerm type for use - with apply. - properties: - preference: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - NodeSelectorApplyConfiguration represents an declarative configuration of the NodeSelector type for use - with apply. - properties: - nodeSelectorTerms: - items: - description: |- - NodeSelectorTermApplyConfiguration represents an declarative configuration of the NodeSelectorTerm type for use - with apply. - properties: - matchExpressions: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - description: |- - NodeSelectorRequirementApplyConfiguration represents an declarative configuration of the NodeSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: |- - A node selector operator is the set of operators that can be used in - a node selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - type: array - type: object - type: object - podAffinity: - description: |- - PodAffinityApplyConfiguration represents an declarative configuration of the PodAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - podAntiAffinity: - description: |- - PodAntiAffinityApplyConfiguration represents an declarative configuration of the PodAntiAffinity type for use - with apply. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - WeightedPodAffinityTermApplyConfiguration represents an declarative configuration of the WeightedPodAffinityTerm type for use - with apply. - properties: - podAffinityTerm: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - description: |- - PodAffinityTermApplyConfiguration represents an declarative configuration of the PodAffinityTerm type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - mismatchLabelKeys: - items: - type: string - type: array - namespaceSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set of operators - that can be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - type: object - automountServiceAccountToken: - type: boolean - containers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - dnsConfig: - description: |- - PodDNSConfigApplyConfiguration represents an declarative configuration of the PodDNSConfig type for use - with apply. - properties: - nameservers: - items: - type: string - type: array - options: - items: - description: |- - PodDNSConfigOptionApplyConfiguration represents an declarative configuration of the PodDNSConfigOption type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - dnsPolicy: - description: DNSPolicy defines how a pod's DNS will - be configured. - type: string - enableServiceLinks: - type: boolean - ephemeralContainers: - items: - description: |- - EphemeralContainerApplyConfiguration represents an declarative configuration of the EphemeralContainer type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - targetContainerName: - type: string - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - hostAliases: - items: - description: |- - HostAliasApplyConfiguration represents an declarative configuration of the HostAlias type for use - with apply. - properties: - hostnames: - items: - type: string - type: array - ip: - type: string - type: object - type: array - hostIPC: - type: boolean - hostNetwork: - type: boolean - hostPID: - type: boolean - hostUsers: - type: boolean - hostname: - type: string - imagePullSecrets: - items: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: array - initContainers: - items: - description: |- - ContainerApplyConfiguration represents an declarative configuration of the Container type for use - with apply. - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - description: |- - EnvVarApplyConfiguration represents an declarative configuration of the EnvVar type for use - with apply. - properties: - name: - type: string - value: - type: string - valueFrom: - description: |- - EnvVarSourceApplyConfiguration represents an declarative configuration of the EnvVarSource type for use - with apply. - properties: - configMapKeyRef: - description: |- - ConfigMapKeySelectorApplyConfiguration represents an declarative configuration of the ConfigMapKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - secretKeyRef: - description: |- - SecretKeySelectorApplyConfiguration represents an declarative configuration of the SecretKeySelector type for use - with apply. - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - description: |- - EnvFromSourceApplyConfiguration represents an declarative configuration of the EnvFromSource type for use - with apply. - properties: - configMapRef: - description: |- - ConfigMapEnvSourceApplyConfiguration represents an declarative configuration of the ConfigMapEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - description: |- - SecretEnvSourceApplyConfiguration represents an declarative configuration of the SecretEnvSource type for use - with apply. - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - description: PullPolicy describes a policy for - if/when to pull a container image - type: string - lifecycle: - description: |- - LifecycleApplyConfiguration represents an declarative configuration of the Lifecycle type for use - with apply. - properties: - postStart: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - description: |- - LifecycleHandlerApplyConfiguration represents an declarative configuration of the LifecycleHandler type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies - the scheme used for connection - to a host for Get actions - type: string - type: object - sleep: - description: |- - SleepActionApplyConfiguration represents an declarative configuration of the SleepAction type for use - with apply. - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - livenessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - description: |- - ContainerPortApplyConfiguration represents an declarative configuration of the ContainerPort type for use - with apply. - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - description: Protocol defines network - protocols supported for things like - container ports. - type: string - type: object - type: array - readinessProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resizePolicy: - items: - description: |- - ContainerResizePolicyApplyConfiguration represents an declarative configuration of the ContainerResizePolicy type for use - with apply. - properties: - resourceName: - description: ResourceName is the name - identifying various resources in a ResourceList. - type: string - restartPolicy: - description: ResourceResizeRestartPolicy - specifies how to handle container resource - resize. - type: string - type: object - type: array - resources: - description: |- - ResourceRequirementsApplyConfiguration represents an declarative configuration of the ResourceRequirements type for use - with apply. - properties: - claims: - items: - description: |- - ResourceClaimApplyConfiguration represents an declarative configuration of the ResourceClaim type for use - with apply. - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource - name, quantity) pairs. - type: object - type: object - restartPolicy: - description: |- - ContainerRestartPolicy is the restart policy for a single container. - This may only be set for init containers and only allowed value is "Always". - type: string - securityContext: - description: |- - SecurityContextApplyConfiguration represents an declarative configuration of the SecurityContext type for use - with apply. - properties: - allowPrivilegeEscalation: - type: boolean - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - capabilities: - description: |- - CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use - with apply. - properties: - add: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - drop: - items: - description: Capability represent - POSIX capabilities type - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines - the supported seccomp profile types. - type: string - type: object - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - description: |- - ProbeApplyConfiguration represents an declarative configuration of the Probe type for use - with apply. - properties: - exec: - description: |- - ExecActionApplyConfiguration represents an declarative configuration of the ExecAction type for use - with apply. - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - description: |- - GRPCActionApplyConfiguration represents an declarative configuration of the GRPCAction type for use - with apply. - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - description: |- - HTTPGetActionApplyConfiguration represents an declarative configuration of the HTTPGetAction type for use - with apply. - properties: - host: - type: string - httpHeaders: - items: - description: |- - HTTPHeaderApplyConfiguration represents an declarative configuration of the HTTPHeader type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: URIScheme identifies the - scheme used for connection to a host - for Get actions - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - description: |- - TCPSocketActionApplyConfiguration represents an declarative configuration of the TCPSocketAction type for use - with apply. - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - description: TerminationMessagePolicy describes - how termination messages are retrieved from - a container. - type: string - tty: - type: boolean - volumeDevices: - items: - description: |- - VolumeDeviceApplyConfiguration represents an declarative configuration of the VolumeDevice type for use - with apply. - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - description: |- - VolumeMountApplyConfiguration represents an declarative configuration of the VolumeMount type for use - with apply. - properties: - mountPath: - type: string - mountPropagation: - description: MountPropagationMode describes - mount propagation. - type: string - name: - type: string - readOnly: - type: boolean - recursiveReadOnly: - description: RecursiveReadOnlyMode describes - recursive-readonly mode. - type: string - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - nodeName: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - os: - description: |- - PodOSApplyConfiguration represents an declarative configuration of the PodOS type for use - with apply. - properties: - name: - description: OSName is the set of OS'es that can - be used in OS. - type: string - type: object - overhead: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is a set of (resource name, - quantity) pairs. - type: object - preemptionPolicy: - description: PreemptionPolicy describes a policy for - if/when to preempt a pod. - type: string - priority: - format: int32 - type: integer - priorityClassName: - type: string - readinessGates: - items: - description: |- - PodReadinessGateApplyConfiguration represents an declarative configuration of the PodReadinessGate type for use - with apply. - properties: - conditionType: - description: PodConditionType is a valid value - for PodCondition.Type - type: string - type: object - type: array - resourceClaims: - items: - description: |- - PodResourceClaimApplyConfiguration represents an declarative configuration of the PodResourceClaim type for use - with apply. - properties: - name: - type: string - source: - description: |- - ClaimSourceApplyConfiguration represents an declarative configuration of the ClaimSource type for use - with apply. - properties: - resourceClaimName: - type: string - resourceClaimTemplateName: - type: string - type: object - type: object - type: array - restartPolicy: - description: |- - RestartPolicy describes how the container should be restarted. - Only one of the following restart policies may be specified. - If none of the following policies is specified, the default one - is RestartPolicyAlways. - type: string - runtimeClassName: - type: string - schedulerName: - type: string - schedulingGates: - items: - description: |- - PodSchedulingGateApplyConfiguration represents an declarative configuration of the PodSchedulingGate type for use - with apply. - properties: - name: - type: string - type: object - type: array - securityContext: - description: |- - PodSecurityContextApplyConfiguration represents an declarative configuration of the PodSecurityContext type for use - with apply. - properties: - appArmorProfile: - description: |- - AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - type: string - type: object - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - description: |- - PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume - when volume is mounted. - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - description: |- - SELinuxOptionsApplyConfiguration represents an declarative configuration of the SELinuxOptions type for use - with apply. - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - description: |- - SeccompProfileApplyConfiguration represents an declarative configuration of the SeccompProfile type for use - with apply. - properties: - localhostProfile: - type: string - type: - description: SeccompProfileType defines the - supported seccomp profile types. - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - description: |- - SysctlApplyConfiguration represents an declarative configuration of the Sysctl type for use - with apply. - properties: - name: - type: string - value: - type: string - type: object - type: array - windowsOptions: - description: |- - WindowsSecurityContextOptionsApplyConfiguration represents an declarative configuration of the WindowsSecurityContextOptions type for use - with apply. - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - serviceAccount: - type: string - serviceAccountName: - type: string - setHostnameAsFQDN: - type: boolean - shareProcessNamespace: - type: boolean - subdomain: - type: string - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - description: |- - TolerationApplyConfiguration represents an declarative configuration of the Toleration type for use - with apply. - properties: - effect: - type: string - key: - type: string - operator: - description: A toleration operator is the set - of operators that can be used in a toleration. - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - topologySpreadConstraints: - items: - description: |- - TopologySpreadConstraintApplyConfiguration represents an declarative configuration of the TopologySpreadConstraint type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector operator - is the set of operators that can - be used in a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - matchLabelKeys: - items: - type: string - type: array - maxSkew: - format: int32 - type: integer - minDomains: - format: int32 - type: integer - nodeAffinityPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - nodeTaintsPolicy: - description: NodeInclusionPolicy defines the - type of node inclusion policy - type: string - topologyKey: - type: string - whenUnsatisfiable: - type: string - type: object - type: array - volumes: - items: - description: |- - VolumeApplyConfiguration represents an declarative configuration of the Volume type for use - with apply. - properties: - awsElasticBlockStore: - description: |- - AWSElasticBlockStoreVolumeSourceApplyConfiguration represents an declarative configuration of the AWSElasticBlockStoreVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - type: object - azureDisk: - description: |- - AzureDiskVolumeSourceApplyConfiguration represents an declarative configuration of the AzureDiskVolumeSource type for use - with apply. - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - type: object - azureFile: - description: |- - AzureFileVolumeSourceApplyConfiguration represents an declarative configuration of the AzureFileVolumeSource type for use - with apply. - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - type: object - cephfs: - description: |- - CephFSVolumeSourceApplyConfiguration represents an declarative configuration of the CephFSVolumeSource type for use - with apply. - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - cinder: - description: |- - CinderVolumeSourceApplyConfiguration represents an declarative configuration of the CinderVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeID: - type: string - type: object - configMap: - description: |- - ConfigMapVolumeSourceApplyConfiguration represents an declarative configuration of the ConfigMapVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - description: |- - CSIVolumeSourceApplyConfiguration represents an declarative configuration of the CSIVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - type: object - downwardAPI: - description: |- - DownwardAPIVolumeSourceApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - emptyDir: - description: |- - EmptyDirVolumeSourceApplyConfiguration represents an declarative configuration of the EmptyDirVolumeSource type for use - with apply. - properties: - medium: - description: StorageMedium defines ways - that storage can be allocated to a volume. - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - description: |- - EphemeralVolumeSourceApplyConfiguration represents an declarative configuration of the EphemeralVolumeSource type for use - with apply. - properties: - volumeClaimTemplate: - description: |- - PersistentVolumeClaimTemplateApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimTemplate type for use - with apply. - properties: - metadata: - description: |- - ObjectMetaApplyConfiguration represents an declarative configuration of the ObjectMeta type for use - with apply. - properties: - annotations: - additionalProperties: - type: string - type: object - creationTimestamp: - format: date-time - type: string - deletionGracePeriodSeconds: - format: int64 - type: integer - deletionTimestamp: - format: date-time - type: string - finalizers: - items: - type: string - type: array - generateName: - type: string - generation: - format: int64 - type: integer - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - ownerReferences: - items: - description: |- - OwnerReferenceApplyConfiguration represents an declarative configuration of the OwnerReference type for use - with apply. - properties: - apiVersion: - type: string - blockOwnerDeletion: - type: boolean - controller: - type: boolean - kind: - type: string - name: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - type: array - resourceVersion: - type: string - uid: - description: |- - UID is a type that holds unique ID values, including UUIDs. Because we - don't ONLY use UUIDs, this is an alias to string. Being a type captures - intent and helps make sure that UIDs and names do not get conflated. - type: string - type: object - spec: - description: |- - PersistentVolumeClaimSpecApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimSpec type for use - with apply. - properties: - accessModes: - items: - type: string - type: array - dataSource: - description: |- - TypedLocalObjectReferenceApplyConfiguration represents an declarative configuration of the TypedLocalObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - type: object - dataSourceRef: - description: |- - TypedObjectReferenceApplyConfiguration represents an declarative configuration of the TypedObjectReference type for use - with apply. - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - type: object - resources: - description: |- - VolumeResourceRequirementsApplyConfiguration represents an declarative configuration of the VolumeResourceRequirements type for use - with apply. - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: ResourceList is - a set of (resource name, quantity) - pairs. - type: object - type: object - selector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label selector - operator is the set - of operators that can - be used in a selector - requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeAttributesClassName: - type: string - volumeMode: - description: PersistentVolumeMode - describes how a volume is intended - to be consumed, either Block or - Filesystem. - type: string - volumeName: - type: string - type: object - type: object - type: object - fc: - description: |- - FCVolumeSourceApplyConfiguration represents an declarative configuration of the FCVolumeSource type for use - with apply. - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - description: |- - FlexVolumeSourceApplyConfiguration represents an declarative configuration of the FlexVolumeSource type for use - with apply. - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - type: object - flocker: - description: |- - FlockerVolumeSourceApplyConfiguration represents an declarative configuration of the FlockerVolumeSource type for use - with apply. - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - description: |- - GCEPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the GCEPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - type: object - gitRepo: - description: |- - GitRepoVolumeSourceApplyConfiguration represents an declarative configuration of the GitRepoVolumeSource type for use - with apply. - properties: - directory: - type: string - repository: - type: string - revision: - type: string - type: object - glusterfs: - description: |- - GlusterfsVolumeSourceApplyConfiguration represents an declarative configuration of the GlusterfsVolumeSource type for use - with apply. - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - type: object - hostPath: - description: |- - HostPathVolumeSourceApplyConfiguration represents an declarative configuration of the HostPathVolumeSource type for use - with apply. - properties: - path: - type: string - type: - type: string - type: object - iscsi: - description: |- - ISCSIVolumeSourceApplyConfiguration represents an declarative configuration of the ISCSIVolumeSource type for use - with apply. - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - targetPortal: - type: string - type: object - name: - type: string - nfs: - description: |- - NFSVolumeSourceApplyConfiguration represents an declarative configuration of the NFSVolumeSource type for use - with apply. - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - type: object - persistentVolumeClaim: - description: |- - PersistentVolumeClaimVolumeSourceApplyConfiguration represents an declarative configuration of the PersistentVolumeClaimVolumeSource type for use - with apply. - properties: - claimName: - type: string - readOnly: - type: boolean - type: object - photonPersistentDisk: - description: |- - PhotonPersistentDiskVolumeSourceApplyConfiguration represents an declarative configuration of the PhotonPersistentDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - pdID: - type: string - type: object - portworxVolume: - description: |- - PortworxVolumeSourceApplyConfiguration represents an declarative configuration of the PortworxVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - type: object - projected: - description: |- - ProjectedVolumeSourceApplyConfiguration represents an declarative configuration of the ProjectedVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - description: |- - VolumeProjectionApplyConfiguration represents an declarative configuration of the VolumeProjection type for use - with apply. - properties: - clusterTrustBundle: - description: |- - ClusterTrustBundleProjectionApplyConfiguration represents an declarative configuration of the ClusterTrustBundleProjection type for use - with apply. - properties: - labelSelector: - description: |- - LabelSelectorApplyConfiguration represents an declarative configuration of the LabelSelector type for use - with apply. - properties: - matchExpressions: - items: - description: |- - LabelSelectorRequirementApplyConfiguration represents an declarative configuration of the LabelSelectorRequirement type for use - with apply. - properties: - key: - type: string - operator: - description: A label - selector operator - is the set of operators - that can be used in - a selector requirement. - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - optional: - type: boolean - path: - type: string - signerName: - type: string - type: object - configMap: - description: |- - ConfigMapProjectionApplyConfiguration represents an declarative configuration of the ConfigMapProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - description: |- - DownwardAPIProjectionApplyConfiguration represents an declarative configuration of the DownwardAPIProjection type for use - with apply. - properties: - items: - items: - description: |- - DownwardAPIVolumeFileApplyConfiguration represents an declarative configuration of the DownwardAPIVolumeFile type for use - with apply. - properties: - fieldRef: - description: |- - ObjectFieldSelectorApplyConfiguration represents an declarative configuration of the ObjectFieldSelector type for use - with apply. - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - description: |- - ResourceFieldSelectorApplyConfiguration represents an declarative configuration of the ResourceFieldSelector type for use - with apply. - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - type: object - type: object - type: array - type: object - secret: - description: |- - SecretProjectionApplyConfiguration represents an declarative configuration of the SecretProjection type for use - with apply. - properties: - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - description: |- - ServiceAccountTokenProjectionApplyConfiguration represents an declarative configuration of the ServiceAccountTokenProjection type for use - with apply. - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - type: object - type: object - type: array - type: object - quobyte: - description: |- - QuobyteVolumeSourceApplyConfiguration represents an declarative configuration of the QuobyteVolumeSource type for use - with apply. - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - type: object - rbd: - description: |- - RBDVolumeSourceApplyConfiguration represents an declarative configuration of the RBDVolumeSource type for use - with apply. - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - user: - type: string - type: object - scaleIO: - description: |- - ScaleIOVolumeSourceApplyConfiguration represents an declarative configuration of the ScaleIOVolumeSource type for use - with apply. - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - type: object - secret: - description: |- - SecretVolumeSourceApplyConfiguration represents an declarative configuration of the SecretVolumeSource type for use - with apply. - properties: - defaultMode: - format: int32 - type: integer - items: - items: - description: |- - KeyToPathApplyConfiguration represents an declarative configuration of the KeyToPath type for use - with apply. - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - description: |- - StorageOSVolumeSourceApplyConfiguration represents an declarative configuration of the StorageOSVolumeSource type for use - with apply. - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - description: |- - LocalObjectReferenceApplyConfiguration represents an declarative configuration of the LocalObjectReference type for use - with apply. - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - description: |- - VsphereVirtualDiskVolumeSourceApplyConfiguration represents an declarative configuration of the VsphereVirtualDiskVolumeSource type for use - with apply. - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - type: object - type: object - type: array - type: object - type: object - priorityClassName: - description: Defines the priority class name to assign priority - levels to the Pods, influencing their scheduling order. - type: string - readinessProbe: - description: Defines readiness probes to determine when a - Pod is ready to handle traffic. - properties: - failureThreshold: - description: Defines the threshold for how many times - the probe can fail before the Pod is marked Unready. - type: integer - initialDelaySeconds: - description: Sets the initial delay before the readiness - probe is initiated, in seconds. - type: integer - periodSeconds: - description: Configures the period, in seconds, between - each readiness check. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - replicas: - description: Specifies the number of replicas to determine - the desired number of Pods (Redpanda brokers) in the StatefulSet. - type: integer - securityContext: - description: Sets a security context for the Pods to define - privilege and access control settings. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of - the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - sideCars: - description: Defines the additional sidecar containers that - run alongside the main Redpanda container in the Pod. - properties: - configWatcher: - description: Configures the `config-watcher` sidecar. - The `config-watcher` sidecar polls the Secret resource - in `auth.sasl.secretRef` for changes and triggers a - rolling upgrade to add the new superusers to the Redpanda - cluster. - properties: - enabled: - description: Specifies whether the sidecar is enabled. - type: boolean - extraVolumeMounts: - description: Specifies additional volumes to mount - to the sidecar. - type: string - resources: - description: Specifies resource requests for the sidecar - container. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - securityContext: - description: Specifies the container's security context, - including privileges and access levels of the container - and its processes. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - controllers: - description: RPControllers configures additional controllers - that can be deployed as sidecars in rp helm - properties: - createRBAC: - type: boolean - enabled: - description: Specifies whether the Controllers are - enabled. - type: boolean - healthProbeAddress: - type: string - image: - description: RedpandaImage configures the Redpanda - container image settings in the Helm values. - properties: - pullPolicy: - description: Specifies the strategy used for pulling - images from the repository. For available values, - see https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy. - type: string - repository: - description: Specifies the image repository to - pull from. - type: string - tag: - description: Specifies the image tag. - type: string - type: object - metricsAddress: - type: string - resources: - description: ResourceRequirements describes the compute - resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - run: - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds security configuration that will be applied to a container. - Some fields are present in both SecurityContext and PodSecurityContext. When both - are set, the values in SecurityContext take precedence. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - rpkStatus: - description: SideCarObj represents a generic sidecar object. - This is a placeholder for now. - properties: - enabled: - type: boolean - resources: - description: ResourceRequirements describes the compute - resource requirements. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - securityContext: - description: |- - SecurityContext holds security configuration that will be applied to a container. - Some fields are present in both SecurityContext and PodSecurityContext. When both - are set, the values in SecurityContext take precedence. - properties: - allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: - 1) run as Privileged - 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. - type: boolean - appArmorProfile: - description: |- - appArmorProfile is the AppArmor options to use by this container. If set, this profile - overrides the pod's appArmorProfile. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile loaded on the node that should be used. - The profile must be preconfigured on the node to work. - Must match the loaded name of the profile. - Must be set if and only if type is "Localhost". - type: string - type: - description: |- - type indicates which kind of AppArmor profile will be applied. - Valid options are: - Localhost - a profile pre-loaded on the node. - RuntimeDefault - the container runtime's default profile. - Unconfined - no AppArmor enforcement. - type: string - required: - - type - type: object - capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - drop: - description: Removed capabilities - items: - description: Capability represent POSIX - capabilities type - type: string - type: array - x-kubernetes-list-type: atomic - type: object - privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. - Defaults to false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for - readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. - Default is false. - Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: |- - The GID to run the entrypoint of the container process. - Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. - properties: - level: - description: Level is SELinux level label - that applies to the container. - type: string - role: - description: Role is a SELinux role label - that applies to the container. - type: string - type: - description: Type is a SELinux type label - that applies to the container. - type: string - user: - description: User is a SELinux user label - that applies to the container. - type: string - type: object - seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options - override the pod options. - Note that this field cannot be set when spec.os.name is windows. - properties: - localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. - type: string - type: - description: |- - type indicates which kind of seccomp profile will be applied. - Valid options are: - - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. - type: string - required: - - type - type: object - windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. - properties: - gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the - name of the GMSA credential spec to use. - type: string - hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. - type: boolean - runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - type: string - type: object - type: object - type: object - type: object - skipChown: - description: Specifies whether to skip the changing of file - ownership (chown) during Pod initialization. - type: boolean - startupProbe: - description: Configures the startup probe to determine when - the Redpanda application within the Pod has started successfully. - properties: - failureThreshold: - description: Determines the failure threshold to mark - the application in the Pod as not started. - type: integer - initialDelaySeconds: - description: Specifies the delay in seconds before the - startup probe begins. - type: integer - periodSeconds: - description: Sets the period in seconds for conducting - subsequent probes. - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - type: object - terminationGracePeriodSeconds: - description: Specifies the termination grace period in seconds - to control the time delay before forcefully terminating - a Pod. - type: integer - tolerations: - description: Applies tolerations to allow Pods to be scheduled - on nodes with matching taints, enabling control over where - Pods can run. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: Defines topology spread constraints to control - how Pods are spread across different topology domains. - items: - description: TopologySpreadConstraints configures topology - spread constraints to control how Pods are spread across - different topology domains. - properties: - maxSkew: - description: Defines the maximum skew between the number - of Pods in any two topology domains. - type: integer - topologyKey: - description: Specifies the topology key to use for spreading - Pods. - type: string - whenUnsatisfiable: - description: Sets the policy for how to handle unsatisfiable - constraints, such as `DoNotSchedule` or `ScheduleAnyway`. - type: string - type: object - type: array - updateStrategy: - description: Defines the update strategy for the StatefulSet - to manage how updates are rolled out to the Pods. - properties: - type: - description: Defines the strategy type for updating the - StatefulSet, such as `RollingUpdate` or `OnDelete`. - type: string - type: object - type: object - storage: - description: Defines storage settings for the Redpanda data directory - and the Tiered Storage cache. - properties: - hostPath: - description: Specifies the absolute path on the worker node - to store the Redpanda data directory. If unspecified, then - an `emptyDir` volume is used. If specified but `persistentVolume.enabled` - is true, `storage.hostPath` has no effect. - type: string - persistentVolume: - description: Configures a PersistentVolumeClaim (PVC) template - to create for each Pod. This PVC is used to store the Redpanda - data directory. - properties: - annotations: - additionalProperties: - type: string - description: Adds annotations to the PersistentVolumeClaims - to provide additional information or metadata that can - be used by other tools or libraries. - type: object - enabled: - description: Specifies whether to enable the Helm chart - to create PersistentVolumeClaims for Pods. - type: boolean - labels: - additionalProperties: - type: string - description: Applies labels to the PersistentVolumeClaims - to facilitate identification and selection based on - custom criteria. - type: object - nameOverwrite: - description: Option to change volume claim template name - for tiered storage persistent volume if tiered.mountType - is set to `persistentVolume` - type: string - size: - anyOf: - - type: integer - - type: string - description: Specifies the storage capacity required. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - storageClass: - description: Specifies the StorageClass for the PersistentVolumeClaims - to determine how PersistentVolumes are provisioned and - managed. - type: string - type: object - tiered: - description: Configures storage for the Tiered Storage cache. - properties: - config: - description: Configures Tiered Storage, which requires - an Enterprise license configured in `enterprise.licenseKey` - or `enterprised.licenseSecretRef`. - properties: - cloud_storage_api_endpoint: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_api_endpoint. - type: string - cloud_storage_api_endpoint_port: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_api_endpoint_port. - type: integer - cloud_storage_azure_adls_endpoint: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_adls_endpoint. - type: string - cloud_storage_azure_adls_port: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_adls_port. - type: integer - cloud_storage_azure_container: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_container. - type: string - cloud_storage_azure_managed_identity_id: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_managed_identity_id. - type: string - cloud_storage_azure_shared_key: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_shared_key. - type: string - cloud_storage_azure_storage_account: - description: See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_storage_account. - type: string - cloud_storage_bucket: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_bucket. - type: string - cloud_storage_cache_check_interval: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_cache_check_interval. - type: integer - cloud_storage_cache_directory: - description: See https://docs.redpanda.com/current/reference/node-properties/#cloud_storage_cache_directory. - type: string - cloud_storage_cache_size: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_cache_size. - type: string - cloud_storage_credentials_source: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_credentials_source. - type: string - cloud_storage_disable_tls: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_disable_tls. - type: boolean - cloud_storage_enable_remote_read: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_enable_remote_read. - type: boolean - cloud_storage_enable_remote_write: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_enable_remote_write. - type: boolean - cloud_storage_enabled: - description: Enables Tiered Storage, if a license - key is provided. See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_enabled. - x-kubernetes-preserve-unknown-fields: true - cloud_storage_initial_backoff_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_initial_backoff_ms. - type: integer - cloud_storage_manifest_upload_timeout_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_manifest_upload_timeout_ms. - type: integer - cloud_storage_max_connection_idle_time_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_max_connection_idle_time_ms. - type: integer - cloud_storage_max_connections: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_max_connections. - type: integer - cloud_storage_reconciliation_interval_ms: - description: 'Deprecated: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_reconciliation_interval_ms.' - type: integer - cloud_storage_region: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_region. - type: string - cloud_storage_segment_max_upload_interval_sec: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_segment_max_upload_interval_sec. - type: integer - cloud_storage_segment_upload_timeout_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_segment_upload_timeout_ms. - type: integer - cloud_storage_trust_file: - description: See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_trust_file. - type: string - cloud_storage_upload_ctrl_d_coeff: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_d_coeff. - type: integer - cloud_storage_upload_ctrl_max_shares: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_max_shares. - type: integer - cloud_storage_upload_ctrl_min_shares: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_min_shares. - type: integer - cloud_storage_upload_ctrl_p_coeff: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_p_coeff. - type: integer - cloud_storage_upload_ctrl_update_interval_ms: - description: See https://docs.redpanda.com/current/reference/tunable-properties/#cloud_storage_upload_ctrl_update_interval_ms. - type: integer - type: object - credentialsSecretRef: - description: CredentialSecretRef can be used to set `cloud_storage_secret_key` - and/or `cloud_storage_access_key` from referenced Kubernetes - Secret - properties: - accessKey: - properties: - configurationKey: - type: string - key: - type: string - name: - type: string - type: object - secretKey: - properties: - configurationKey: - type: string - key: - type: string - name: - type: string - type: object - type: object - hostPath: - description: Specifies the absolute path on the worker - node to store the Tiered Storage cache. - type: string - mountType: - description: |- - mountType can be one of: - - - `none`: Does not mount a volume. Tiered storage will use the same volume as the one defined for the Redpanda data directory. - - `hostPath`: Uses the path specified in `hostPath` on the worker node that the Pod is running on. - - `emptyDir`: Mounts an empty directory every time the Pod starts. - - `persistentVolume`: Creates and mounts a PersistentVolumeClaim using the template defined in `persistentVolume`. - type: string - persistentVolume: - description: Configures a PersistentVolumeClaim (PVC) - template to create for each Pod. This PVC is used to - store the Tiered Storage cache. - properties: - annotations: - additionalProperties: - type: string - description: Adds annotations to the PersistentVolumeClaims - to provide additional information or metadata that - can be used by other tools or libraries. - type: object - enabled: - description: Specifies whether to enable the Helm - chart to create PersistentVolumeClaims for Pods. - type: boolean - labels: - additionalProperties: - type: string - description: Applies labels to the PersistentVolumeClaims - to facilitate identification and selection based - on custom criteria. - type: object - nameOverwrite: - description: Option to change volume claim template - name for tiered storage persistent volume if tiered.mountType - is set to `persistentVolume` - type: string - size: - anyOf: - - type: integer - - type: string - description: Specifies the storage capacity required. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - storageClass: - description: Specifies the StorageClass for the PersistentVolumeClaims - to determine how PersistentVolumes are provisioned - and managed. - type: string - type: object - type: object - type: object - tests: - properties: - enabled: - type: boolean - type: object - tls: - description: Defines TLS settings for listeners. - properties: - certs: - additionalProperties: - description: Certificate configures TLS certificates. - properties: - applyInternalDNSNames: - description: Specifies you wish to have Kubernetes internal - dns names (IE the headless service of the redpanda - StatefulSet) included in `dnsNames` of the certificate - even, when supplying an issuer. - type: boolean - caEnabled: - description: Specifies whether to include the `ca.crt` - file in the trust stores of all listeners. Set to - `true` only for certificates that are not authenticated - using public certificate authorities (CAs). - type: boolean - clientSecretRef: - description: Specify the name of an existing Secret - resource that contains your client TLS certificate. - properties: - name: - description: Specifies the name of the Secret resource. - type: string - type: object - duration: - description: Specifies the validity duration of certificates - generated with `issuerRef`. - type: string - enabled: - type: boolean - issuerRef: - description: Specify the name of an existing Issuer - or ClusterIssuer resource to use to generate certificates. - Requires cert-manager. See https://cert-manager.io/v1.1-docs. - properties: - group: - type: string - kind: - description: Specifies the kind of resource. One - of `Issuer` or `ClusterIssuer`. - type: string - name: - description: Specifies the name of the resource. - type: string - type: object - secretRef: - description: Specify the name of an existing Secret - resource that contains your TLS certificate. - properties: - name: - description: Specifies the name of the Secret resource. - type: string - type: object - type: object - description: Lists all available certificates in the cluster. - You can reference a specific certificate’s name in each - listener’s `listeners..tls.cert` setting. - type: object - enabled: - description: Enables TLS globally for all listeners. Each - listener must include a certificate name in its `.tls` - object. To allow you to enable TLS for individual listeners, - certificates are always loaded, even if TLS is disabled. - type: boolean - type: object - tolerations: - description: Specifies tolerations to allow Pods to be scheduled - onto nodes where they otherwise wouldn’t. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - tuning: - description: Defines settings for the autotuner tool in Redpanda. - The autotuner identifies the hardware configuration in the container - and optimizes the Linux kernel to give you the best performance. - properties: - ballast_file_path: - description: Specifies the file path for ballast file. A ballast - file is an empty file that takes up disk space. If Redpanda - runs out of disk space and becomes unavailable, you can - delete the ballast file as a last resort. This clears up - some space and gives you time to delete topics or records - and change your retention properties. - type: string - ballast_file_size: - description: Defines the size of the ballast file. - type: string - extraVolumeMounts: - description: Configures additional volume mounts for the Pod. - type: string - resources: - description: Sets resource requirements such as CPU and memory - limits. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - tune_aio_events: - description: Specifies whether to increase the number of allowed - asynchronous IO events. - type: boolean - tune_ballast_file: - description: Specifies whether to create the ballast file. - type: boolean - tune_clocksource: - description: Specifies whether to synchronize NTP. - type: boolean - well_known_io: - description: Specifies the vendor, VM type, and storage device - type that Redpanda runs on, in the format ::. - This hints to Redpanda which configuration values it should - use for the Redpanda IO scheduler. - type: string - type: object - type: object - migration: - description: Deprecated and Removed in v2.2.3-24.2.X. Downgrade to - v2.2.2-24.2.4 perform the migration - properties: - clusterRef: - description: |- - ClusterRef by default will not be able to reach different namespaces, but it can be - overwritten by adding ClusterRole and ClusterRoleBinding to operator ServiceAccount. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - consoleRef: - description: |- - ConsoleRef by default will not be able to reach different namespaces, but it can be - overwritten by adding ClusterRole and ClusterRoleBinding to operator ServiceAccount. - properties: - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - required: - - name - - namespace - type: object - enabled: - type: boolean - required: - - clusterRef - - consoleRef - - enabled - type: object - type: object - status: - description: Represents the current status of the Redpanda cluster. - properties: - conditions: - description: Conditions holds the conditions for the Redpanda. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - decommissioningNode: - description: |- - ManagedDecommissioningNode indicates that a node is currently being - decommissioned from the cluster and provides its ordinal number. - format: int32 - type: integer - failures: - description: |- - Failures is the reconciliation failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmRelease: - type: string - helmReleaseReady: - type: boolean - helmRepository: - type: string - helmRepositoryReady: - type: boolean - installFailures: - format: int64 - type: integer - lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully - applied source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - license: - description: |- - LicenseStatus contains information about the current state of any - installed license in the Redpanda cluster. - properties: - expiration: - format: date-time - type: string - expired: - type: boolean - inUseFeatures: - items: - type: string - type: array - organization: - type: string - type: - type: string - violation: - type: boolean - required: - - inUseFeatures - - violation - type: object - observedGeneration: - description: Specifies the last observed generation. - format: int64 - type: integer - upgradeFailures: - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.3 - name: schemas.cluster.redpanda.com -spec: - group: cluster.redpanda.com - names: - kind: Schema - listKind: SchemaList - plural: schemas - shortNames: - - sc - singular: schema - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Synced")].status - name: Synced - type: string - - jsonPath: .status.versions[-1] - name: Latest Version - type: number - name: v1alpha2 - schema: - openAPIV3Schema: - description: Schema defines the CRD for a Redpanda schema. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Defines the desired state of the Redpanda schema. - properties: - cluster: - description: |- - ClusterSource is a reference to the cluster hosting the schema registry. - It is used in constructing the client created to configure a cluster. - properties: - clusterRef: - description: |- - ClusterRef is a reference to the cluster where the object should be created. - It is used in constructing the client created to configure a cluster. - This takes precedence over StaticConfigurationSource. - properties: - name: - description: Name specifies the name of the cluster being - referenced. - type: string - required: - - name - type: object - staticConfiguration: - description: StaticConfiguration holds connection parameters to - Kafka and Admin APIs. - properties: - admin: - description: |- - AdminAPISpec is the configuration information for communicating with the Admin - API of a Redpanda cluster where the object should be created. - properties: - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - token: - description: Specifies token for token-based authentication - (only used if no username/password are provided). - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - urls: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - required: - - urls - type: object - kafka: - description: |- - Kafka is the configuration information for communicating with the Kafka - API of a Redpanda cluster where the object should be created. - properties: - brokers: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - awsMskIam: - description: |- - KafkaSASLAWSMskIam is the config for AWS IAM SASL mechanism, - see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html - properties: - accessKey: - type: string - secretKeySecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - sessionTokenSecretRef: - description: |- - SessionToken, if non-empty, is a session / security token to use for authentication. - See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - userAgent: - description: |- - UserAgent is the user agent to for the client to use when connecting - to Kafka, overriding the default "franz-go//". - - Setting a UserAgent allows authorizing based on the aws:UserAgent - condition key; see the following link for more details: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-useragent - type: string - required: - - accessKey - - secretKeySecretRef - - sessionTokenSecretRef - - userAgent - type: object - gssapi: - description: KafkaSASLGSSAPI represents the Kafka - Kerberos config. - properties: - authType: - type: string - enableFast: - description: |- - EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. - It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. - FAST provides increased resistance to passive password guessing attacks. - type: boolean - kerberosConfigPath: - type: string - keyTabPath: - type: string - passwordSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - realm: - type: string - serviceName: - type: string - username: - type: string - required: - - authType - - enableFast - - kerberosConfigPath - - keyTabPath - - passwordSecretRef - - realm - - serviceName - - username - type: object - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - oauth: - description: KafkaSASLOAuthBearer is the config struct - for the SASL OAuthBearer mechanism - properties: - tokenSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - required: - - tokenSecretRef - type: object - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - required: - - brokers - type: object - schemaRegistry: - description: |- - SchemaRegistry is the configuration information for communicating with the Schema Registry - API of a Redpanda cluster where the object should be created. - properties: - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - token: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - urls: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - required: - - urls - type: object - type: object - type: object - x-kubernetes-validations: - - message: 'spec.cluster.staticConfiguration.schemaRegistry: required - value' - rule: '!has(self.staticConfiguration) || has(self.staticConfiguration.schemaRegistry)' - - message: either clusterRef or staticConfiguration must be set - rule: has(self.clusterRef) || has(self.staticConfiguration) - - message: ClusterSource is immutable - rule: self == oldSelf - compatibilityLevel: - default: Backward - description: CompatibilityLevel sets the compatibility level for the - given schema - enum: - - None - - Backward - - BackwardTransitive - - Forward - - ForwardTransitive - - Full - - FullTransitive - type: string - references: - description: |- - References declares other schemas this schema references. See the - docs on SchemaReference for more details. - items: - description: |- - SchemaReference is a way for a one schema to reference another. The - details for how referencing is done are type specific; for example, - JSON objects that use the key "$ref" can refer to another schema via - URL. - properties: - name: - type: string - subject: - type: string - version: - type: integer - required: - - name - - subject - - version - type: object - type: array - schemaType: - default: avro - description: Type is the type of a schema. The default type is avro. - enum: - - avro - - protobuf - - json - type: string - text: - description: Text is the actual unescaped text of a schema. - type: string - required: - - cluster - - text - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Synced - description: Represents the current status of the Redpanda schema. - properties: - conditions: - description: Conditions holds the conditions for the Redpanda schema. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: Specifies the last observed generation. - format: int64 - type: integer - schemaHash: - description: SchemaHash is the hashed value of the schema synced to - the cluster - type: string - versions: - description: Versions shows the versions of a given schema - items: - type: integer - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME - controller-gen.kubebuilder.io/version: v0.16.3 - name: topics.cluster.redpanda.com -spec: - group: cluster.redpanda.com - names: - kind: Topic - listKind: TopicList - plural: topics - singular: topic - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Topic defines the CRD for Topic resources. See https://docs.redpanda.com/current/manage/kubernetes/manage-topics/. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Defines the desired state of the Topic resource. - properties: - additionalConfig: - additionalProperties: - type: string - description: |- - Adds extra topic configurations. This is a free-form map of any configuration options that topics can have. - Examples: - `cleanup.policy=compact` - `redpanda.remote.write=true` - `redpanda.remote.read=true` - `redpanda.remote.recovery=true` - `redpanda.remote.delete=true` - type: object - cluster: - description: |- - ClusterSource is a reference to the cluster where the user should be created. - It is used in constructing the client created to configure a cluster. - properties: - clusterRef: - description: |- - ClusterRef is a reference to the cluster where the object should be created. - It is used in constructing the client created to configure a cluster. - This takes precedence over StaticConfigurationSource. - properties: - name: - description: Name specifies the name of the cluster being - referenced. - type: string - required: - - name - type: object - staticConfiguration: - description: StaticConfiguration holds connection parameters to - Kafka and Admin APIs. - properties: - admin: - description: |- - AdminAPISpec is the configuration information for communicating with the Admin - API of a Redpanda cluster where the object should be created. - properties: - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - token: - description: Specifies token for token-based authentication - (only used if no username/password are provided). - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - urls: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - required: - - urls - type: object - kafka: - description: |- - Kafka is the configuration information for communicating with the Kafka - API of a Redpanda cluster where the object should be created. - properties: - brokers: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - awsMskIam: - description: |- - KafkaSASLAWSMskIam is the config for AWS IAM SASL mechanism, - see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html - properties: - accessKey: - type: string - secretKeySecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - sessionTokenSecretRef: - description: |- - SessionToken, if non-empty, is a session / security token to use for authentication. - See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - userAgent: - description: |- - UserAgent is the user agent to for the client to use when connecting - to Kafka, overriding the default "franz-go//". - - Setting a UserAgent allows authorizing based on the aws:UserAgent - condition key; see the following link for more details: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-useragent - type: string - required: - - accessKey - - secretKeySecretRef - - sessionTokenSecretRef - - userAgent - type: object - gssapi: - description: KafkaSASLGSSAPI represents the Kafka - Kerberos config. - properties: - authType: - type: string - enableFast: - description: |- - EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. - It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. - FAST provides increased resistance to passive password guessing attacks. - type: boolean - kerberosConfigPath: - type: string - keyTabPath: - type: string - passwordSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - realm: - type: string - serviceName: - type: string - username: - type: string - required: - - authType - - enableFast - - kerberosConfigPath - - keyTabPath - - passwordSecretRef - - realm - - serviceName - - username - type: object - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - oauth: - description: KafkaSASLOAuthBearer is the config struct - for the SASL OAuthBearer mechanism - properties: - tokenSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - required: - - tokenSecretRef - type: object - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - required: - - brokers - type: object - schemaRegistry: - description: |- - SchemaRegistry is the configuration information for communicating with the Schema Registry - API of a Redpanda cluster where the object should be created. - properties: - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - token: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - urls: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - required: - - urls - type: object - type: object - type: object - x-kubernetes-validations: - - message: 'spec.cluster.staticConfiguration.kafka: required value' - rule: '!has(self.staticConfiguration) || has(self.staticConfiguration.kafka)' - - message: either clusterRef or staticConfiguration must be set - rule: has(self.clusterRef) || has(self.staticConfiguration) - - message: ClusterSource is immutable - rule: self == oldSelf - interval: - default: 3s - description: |- - Defines when the topic controller will schedule the next reconciliation. - Default is 3 seconds. - format: duration - type: string - kafkaApiSpec: - description: |- - Defines client configuration for connecting to Redpanda brokers. - Deprecated: Use cluster.staticConfiguration.kafkaApiSpec if explicit connection - configuration is required. Otherwise, prefer cluster.clusterRef. - properties: - brokers: - description: Specifies a list of broker addresses in the format - : - items: - type: string - type: array - sasl: - description: Defines authentication configuration settings for - Redpanda clusters that have authentication enabled. - properties: - awsMskIam: - description: |- - KafkaSASLAWSMskIam is the config for AWS IAM SASL mechanism, - see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html - properties: - accessKey: - type: string - secretKeySecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - sessionTokenSecretRef: - description: |- - SessionToken, if non-empty, is a session / security token to use for authentication. - See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - userAgent: - description: |- - UserAgent is the user agent to for the client to use when connecting - to Kafka, overriding the default "franz-go//". - - Setting a UserAgent allows authorizing based on the aws:UserAgent - condition key; see the following link for more details: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-useragent - type: string - required: - - accessKey - - secretKeySecretRef - - sessionTokenSecretRef - - userAgent - type: object - gssapi: - description: KafkaSASLGSSAPI represents the Kafka Kerberos - config. - properties: - authType: - type: string - enableFast: - description: |- - EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. - It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. - FAST provides increased resistance to passive password guessing attacks. - type: boolean - kerberosConfigPath: - type: string - keyTabPath: - type: string - passwordSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - realm: - type: string - serviceName: - type: string - username: - type: string - required: - - authType - - enableFast - - kerberosConfigPath - - keyTabPath - - passwordSecretRef - - realm - - serviceName - - username - type: object - mechanism: - description: Specifies the SASL/SCRAM authentication mechanism. - type: string - oauth: - description: KafkaSASLOAuthBearer is the config struct for - the SASL OAuthBearer mechanism - properties: - tokenSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - required: - - tokenSecretRef - type: object - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda clusters - that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate authority - used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public certificate - to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying Redpanda - self-signed certificate when establish TLS connection to - Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private certificate - to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - required: - - brokers - type: object - metricsNamespace: - description: |- - Overwrites the fully-qualified - name of the metric. This should be easier to identify if - multiple operator instances runs inside the same Kubernetes cluster. - By default, it is set to `redpanda-operator`. - type: string - overwriteTopicName: - description: Changes the topic name from the value of `metadata.name`. - type: string - partitions: - description: |- - Specifies the number of topic shards that are distributed across the brokers in a cluster. - This number cannot be decreased after topic creation. - It can be increased after topic creation, but it is - important to understand the consequences that has, especially for - topics with semantic partitioning. When absent this will default to - the Redpanda cluster configuration `default_topic_partitions`. - See https://docs.redpanda.com/docs/reference/cluster-properties/#default_topic_partitions and - https://docs.redpanda.com/docs/get-started/architecture/#partitions - type: integer - replicationFactor: - description: |- - Specifies the number of replicas the topic should have. Must be odd value. - When absent this will default to the Redpanda cluster configuration `default_topic_replications`. - See https://docs.redpanda.com/docs/reference/cluster-properties/#default_topic_replications. - type: integer - type: object - x-kubernetes-validations: - - message: cluster must be specified if kafkaApiSpec is not - rule: has(self.cluster) || has(self.kafkaApiSpec) - status: - description: Represents the current status of the Topic resource. - properties: - conditions: - description: Conditions holds the conditions for the Topic. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Topic. - format: int64 - type: integer - topicConfiguration: - description: TopicConfiguration is the last snapshot of the topic - configuration during successful reconciliation. - items: - description: Configuration was copied from https://github.com/twmb/franz-go/blob/01651affd204d4a3577a341e748c5d09b52587f8/pkg/kmsg/generated.go#L24593-L24634 - properties: - configSynonyms: - description: |- - ConfigSynonyms contains fallback key/value pairs for this config - entry, in order of preference. That is, if a config entry is both - dynamically configured and has a default, the top level return will be - the dynamic configuration, while its "synonym" will be the default. - items: - description: ConfigSynonyms was copied from https://github.com/twmb/franz-go/blob/01651affd204d4a3577a341e748c5d09b52587f8/pkg/kmsg/generated.go#L24569-L24578 - properties: - name: - type: string - source: - type: string - unknownTags: - additionalProperties: - type: string - description: UnknownTags are tags Kafka sent that we do - not know the purpose of. - type: object - value: - type: string - required: - - name - - source - type: object - type: array - configType: - description: ConfigType specifies the configuration data type. - type: string - documentation: - description: Documentation is optional documentation for the - config entry. - type: string - isDefault: - description: |- - IsDefault is whether this is a default config option. This has been - replaced in favor of Source. - type: boolean - isSensitive: - description: |- - IsSensitive signifies whether this is a sensitive config key, which - is either a password or an unknown type. - type: boolean - name: - description: Name is a key this entry corresponds to (e.g. segment.bytes). - type: string - readOnly: - description: |- - ReadOnly signifies whether this is not a dynamic config option. - - Note that this field is not always correct, and you may need to check - whether the Source is any dynamic enum. See franz-go#91 for more details. - type: boolean - source: - description: |- - Source is where this config entry is from. - - This field has a default of -1. - type: string - unknownTags: - additionalProperties: - type: string - description: UnknownTags are tags Kafka sent that we do not - know the purpose of. - type: object - value: - description: |- - Value is the value for this config key. If the key is sensitive, - the value will be null. - type: string - required: - - configType - - isDefault - - isSensitive - - name - - readOnly - - source - - unknownTags - type: object - type: array - type: object - type: object - served: true - storage: false - subresources: - status: {} - - name: v1alpha2 - schema: - openAPIV3Schema: - description: Topic defines the CRD for Topic resources. See https://docs.redpanda.com/current/manage/kubernetes/manage-topics/. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Defines the desired state of the Topic resource. - properties: - additionalConfig: - additionalProperties: - type: string - description: |- - Adds extra topic configurations. This is a free-form map of any configuration options that topics can have. - Examples: - `cleanup.policy=compact` - `redpanda.remote.write=true` - `redpanda.remote.read=true` - `redpanda.remote.recovery=true` - `redpanda.remote.delete=true` - type: object - cluster: - description: |- - ClusterSource is a reference to the cluster where the user should be created. - It is used in constructing the client created to configure a cluster. - properties: - clusterRef: - description: |- - ClusterRef is a reference to the cluster where the object should be created. - It is used in constructing the client created to configure a cluster. - This takes precedence over StaticConfigurationSource. - properties: - name: - description: Name specifies the name of the cluster being - referenced. - type: string - required: - - name - type: object - staticConfiguration: - description: StaticConfiguration holds connection parameters to - Kafka and Admin APIs. - properties: - admin: - description: |- - AdminAPISpec is the configuration information for communicating with the Admin - API of a Redpanda cluster where the object should be created. - properties: - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - token: - description: Specifies token for token-based authentication - (only used if no username/password are provided). - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - urls: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - required: - - urls - type: object - kafka: - description: |- - Kafka is the configuration information for communicating with the Kafka - API of a Redpanda cluster where the object should be created. - properties: - brokers: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - awsMskIam: - description: |- - KafkaSASLAWSMskIam is the config for AWS IAM SASL mechanism, - see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html - properties: - accessKey: - type: string - secretKeySecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - sessionTokenSecretRef: - description: |- - SessionToken, if non-empty, is a session / security token to use for authentication. - See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - userAgent: - description: |- - UserAgent is the user agent to for the client to use when connecting - to Kafka, overriding the default "franz-go//". - - Setting a UserAgent allows authorizing based on the aws:UserAgent - condition key; see the following link for more details: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-useragent - type: string - required: - - accessKey - - secretKeySecretRef - - sessionTokenSecretRef - - userAgent - type: object - gssapi: - description: KafkaSASLGSSAPI represents the Kafka - Kerberos config. - properties: - authType: - type: string - enableFast: - description: |- - EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. - It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. - FAST provides increased resistance to passive password guessing attacks. - type: boolean - kerberosConfigPath: - type: string - keyTabPath: - type: string - passwordSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - realm: - type: string - serviceName: - type: string - username: - type: string - required: - - authType - - enableFast - - kerberosConfigPath - - keyTabPath - - passwordSecretRef - - realm - - serviceName - - username - type: object - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - oauth: - description: KafkaSASLOAuthBearer is the config struct - for the SASL OAuthBearer mechanism - properties: - tokenSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - required: - - tokenSecretRef - type: object - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - required: - - brokers - type: object - schemaRegistry: - description: |- - SchemaRegistry is the configuration information for communicating with the Schema Registry - API of a Redpanda cluster where the object should be created. - properties: - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - token: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - urls: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - required: - - urls - type: object - type: object - type: object - x-kubernetes-validations: - - message: 'spec.cluster.staticConfiguration.kafka: required value' - rule: '!has(self.staticConfiguration) || has(self.staticConfiguration.kafka)' - - message: either clusterRef or staticConfiguration must be set - rule: has(self.clusterRef) || has(self.staticConfiguration) - - message: ClusterSource is immutable - rule: self == oldSelf - interval: - default: 3s - description: |- - Defines when the topic controller will schedule the next reconciliation. - Default is 3 seconds. - format: duration - type: string - kafkaApiSpec: - description: |- - Defines client configuration for connecting to Redpanda brokers. - Deprecated: Use cluster.staticConfiguration.kafkaApiSpec if explicit connection - configuration is required. Otherwise, prefer cluster.clusterRef. - properties: - brokers: - description: Specifies a list of broker addresses in the format - : - items: - type: string - type: array - sasl: - description: Defines authentication configuration settings for - Redpanda clusters that have authentication enabled. - properties: - awsMskIam: - description: |- - KafkaSASLAWSMskIam is the config for AWS IAM SASL mechanism, - see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html - properties: - accessKey: - type: string - secretKeySecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - sessionTokenSecretRef: - description: |- - SessionToken, if non-empty, is a session / security token to use for authentication. - See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - userAgent: - description: |- - UserAgent is the user agent to for the client to use when connecting - to Kafka, overriding the default "franz-go//". - - Setting a UserAgent allows authorizing based on the aws:UserAgent - condition key; see the following link for more details: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-useragent - type: string - required: - - accessKey - - secretKeySecretRef - - sessionTokenSecretRef - - userAgent - type: object - gssapi: - description: KafkaSASLGSSAPI represents the Kafka Kerberos - config. - properties: - authType: - type: string - enableFast: - description: |- - EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. - It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. - FAST provides increased resistance to passive password guessing attacks. - type: boolean - kerberosConfigPath: - type: string - keyTabPath: - type: string - passwordSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - realm: - type: string - serviceName: - type: string - username: - type: string - required: - - authType - - enableFast - - kerberosConfigPath - - keyTabPath - - passwordSecretRef - - realm - - serviceName - - username - type: object - mechanism: - description: Specifies the SASL/SCRAM authentication mechanism. - type: string - oauth: - description: KafkaSASLOAuthBearer is the config struct for - the SASL OAuthBearer mechanism - properties: - tokenSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - required: - - tokenSecretRef - type: object - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda clusters - that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate authority - used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public certificate - to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying Redpanda - self-signed certificate when establish TLS connection to - Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private certificate - to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - required: - - brokers - type: object - metricsNamespace: - description: |- - Overwrites the fully-qualified - name of the metric. This should be easier to identify if - multiple operator instances runs inside the same Kubernetes cluster. - By default, it is set to `redpanda-operator`. - type: string - overwriteTopicName: - description: Changes the topic name from the value of `metadata.name`. - type: string - partitions: - description: |- - Specifies the number of topic shards that are distributed across the brokers in a cluster. - This number cannot be decreased after topic creation. - It can be increased after topic creation, but it is - important to understand the consequences that has, especially for - topics with semantic partitioning. When absent this will default to - the Redpanda cluster configuration `default_topic_partitions`. - See https://docs.redpanda.com/docs/reference/cluster-properties/#default_topic_partitions and - https://docs.redpanda.com/docs/get-started/architecture/#partitions - type: integer - replicationFactor: - description: |- - Specifies the number of replicas the topic should have. Must be odd value. - When absent this will default to the Redpanda cluster configuration `default_topic_replications`. - See https://docs.redpanda.com/docs/reference/cluster-properties/#default_topic_replications. - type: integer - type: object - x-kubernetes-validations: - - message: cluster must be specified if kafkaApiSpec is not - rule: has(self.cluster) || has(self.kafkaApiSpec) - status: - description: Represents the current status of the Topic resource. - properties: - conditions: - description: Conditions holds the conditions for the Topic. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Topic. - format: int64 - type: integer - topicConfiguration: - description: TopicConfiguration is the last snapshot of the topic - configuration during successful reconciliation. - items: - description: Configuration was copied from https://github.com/twmb/franz-go/blob/01651affd204d4a3577a341e748c5d09b52587f8/pkg/kmsg/generated.go#L24593-L24634 - properties: - configSynonyms: - description: |- - ConfigSynonyms contains fallback key/value pairs for this config - entry, in order of preference. That is, if a config entry is both - dynamically configured and has a default, the top level return will be - the dynamic configuration, while its "synonym" will be the default. - items: - description: ConfigSynonyms was copied from https://github.com/twmb/franz-go/blob/01651affd204d4a3577a341e748c5d09b52587f8/pkg/kmsg/generated.go#L24569-L24578 - properties: - name: - type: string - source: - type: string - unknownTags: - additionalProperties: - type: string - description: UnknownTags are tags Kafka sent that we do - not know the purpose of. - type: object - value: - type: string - required: - - name - - source - type: object - type: array - configType: - description: ConfigType specifies the configuration data type. - type: string - documentation: - description: Documentation is optional documentation for the - config entry. - type: string - isDefault: - description: |- - IsDefault is whether this is a default config option. This has been - replaced in favor of Source. - type: boolean - isSensitive: - description: |- - IsSensitive signifies whether this is a sensitive config key, which - is either a password or an unknown type. - type: boolean - name: - description: Name is a key this entry corresponds to (e.g. segment.bytes). - type: string - readOnly: - description: |- - ReadOnly signifies whether this is not a dynamic config option. - - Note that this field is not always correct, and you may need to check - whether the Source is any dynamic enum. See franz-go#91 for more details. - type: boolean - source: - description: |- - Source is where this config entry is from. - - This field has a default of -1. - type: string - unknownTags: - additionalProperties: - type: string - description: UnknownTags are tags Kafka sent that we do not - know the purpose of. - type: object - value: - description: |- - Value is the value for this config key. If the key is sensitive, - the value will be null. - type: string - required: - - configType - - isDefault - - isSensitive - - name - - readOnly - - source - - unknownTags - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.3 - name: users.cluster.redpanda.com -spec: - group: cluster.redpanda.com - names: - kind: User - listKind: UserList - plural: users - shortNames: - - rpu - singular: user - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Synced")].status - name: Synced - type: string - - jsonPath: .status.managedUser - name: Managing User - type: boolean - - jsonPath: .status.managedAcls - name: Managing ACLs - type: boolean - name: v1alpha2 - schema: - openAPIV3Schema: - description: User defines the CRD for a Redpanda user. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Defines the desired state of the Redpanda user. - properties: - authentication: - description: |- - Authentication defines the authentication information for a user. If no - Authentication credentials are specified, then no user will be created. - This is useful when wanting to manage ACLs for an already-existing user. - properties: - password: - description: Password specifies where a password is read from. - properties: - value: - description: |- - Value is a hardcoded value to use for the given password. It should only be used for testing purposes. - In production, use ValueFrom. - type: string - valueFrom: - description: ValueFrom specifies a source for a password to - be fetched from when specifying or generating user credentials. - properties: - secretKeyRef: - description: |- - SecretKeyRef specifies the secret used in reading a User password. - If the Secret exists and has a value in it, then that value is used. - If the Secret does not exist, or is empty, a password is generated and - stored based on this configuration. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - required: - - secretKeyRef - type: object - required: - - valueFrom - type: object - x-kubernetes-validations: - - message: valueFrom must not be empty if no value supplied - rule: self.value != "" || has(self.valueFrom) - type: - default: scram-sha-512 - description: |- - SASL mechanism to use for the user credentials. Valid values are: - - scram-sha-512 - - scram-sha-256 - enum: - - scram-sha-256 - - scram-sha-512 - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - required: - - password - type: object - authorization: - description: Authorization rules defined for this user. - properties: - acls: - description: List of ACL rules which should be applied to this - user. - items: - description: |- - ACLRule defines an ACL rule applied to the given user. - - Validations taken from https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=75978240 - properties: - host: - default: '*' - description: |- - The host from which the action described in the ACL rule is allowed or denied. - If not set, it defaults to *, allowing or denying the action from any host. - type: string - operations: - description: |- - List of operations which will be allowed or denied. Valid values are resource type dependent, but include: - - Read - - Write - - Delete - - Alter - - Describe - - IdempotentWrite - - ClusterAction - - Create - - AlterConfigs - - DescribeConfigs - items: - description: ACLOperation specifies the type of operation - for an ACL. - type: string - maxItems: 11 - minItems: 1 - type: array - resource: - description: Indicates the resource for which given ACL - rule applies. - properties: - name: - description: |- - Name of resource for which given ACL rule applies. If using type `cluster` this must not be specified. - Can be combined with patternType field to use prefix pattern. - type: string - patternType: - default: literal - description: |- - Describes the pattern used in the resource field. The supported types are literal - and prefixed. With literal pattern type, the resource field will be used as a definition - of a full topic name. With prefix pattern type, the resource name will be used only as - a prefix. Prefixed patterns can only be specified when using types `topic`, `group`, or - `transactionalId`. Default value is literal. Valid values: - - literal - - prefixed - enum: - - literal - - prefixed - type: string - type: - description: |- - Type specifies the type of resource an ACL is applied to. Valid values: - - topic - - group - - cluster - - transactionalId - enum: - - topic - - group - - cluster - - transactionalId - type: string - required: - - name - - type - type: object - x-kubernetes-validations: - - message: prefixed pattern type only supported for ['group', - 'topic', 'transactionalId'] - rule: 'self.type in [''group'', ''topic'', ''transactionalId''] - ? true : !has(self.patternType) || self.patternType - != ''prefixed''' - - message: name must not be specified for type ['cluster'] - rule: 'self.type == "cluster" ? (self.name == "") : true' - - message: acl rules on non-cluster resources must specify - a name - rule: 'self.type == "cluster" ? true : (self.name != "")' - type: - description: |- - Type specifies the type of ACL rule to create. Valid values are: - - allow - - deny - enum: - - allow - - deny - type: string - required: - - operations - - resource - - type - type: object - x-kubernetes-validations: - - message: supported topic operations are ['Alter', 'AlterConfigs', - 'Create', 'Delete', 'Describe', 'DescribeConfigs', 'Read', - 'Write'] - rule: 'self.resource.type == ''topic'' ? self.operations.all(o, - o in [''Alter'', ''AlterConfigs'', ''Create'', ''Delete'', - ''Describe'', ''DescribeConfigs'', ''Read'', ''Write'']) - : true' - - message: supported group operations are ['Delete', 'Describe', - 'Read'] - rule: 'self.resource.type == ''group'' ? self.operations.all(o, - o in [''Delete'', ''Describe'', ''Read'']) : true' - - message: supported transactionalId operations are ['Describe', - 'Write'] - rule: 'self.resource.type == ''transactionalId'' ? self.operations.all(o, - o in [''Describe'', ''Write'']) : true' - - message: supported cluster operations are ['Alter', 'AlterConfigs', - 'ClusterAction', 'Create', 'Describe', 'DescribeConfigs', - 'IdempotentWrite'] - rule: 'self.resource.type == ''cluster'' ? self.operations.all(o, - o in [''Alter'', ''AlterConfigs'', ''ClusterAction'', ''Create'', - ''Describe'', ''DescribeConfigs'', ''IdempotentWrite'']) - : true' - maxItems: 1024 - type: array - type: - default: simple - description: |- - Type specifies the type of authorization to use for User ACLs. If unspecified, defaults to `simple`. Valid values are: - - simple - enum: - - simple - type: string - type: object - cluster: - description: |- - ClusterSource is a reference to the cluster where the user should be created. - It is used in constructing the client created to configure a cluster. - properties: - clusterRef: - description: |- - ClusterRef is a reference to the cluster where the object should be created. - It is used in constructing the client created to configure a cluster. - This takes precedence over StaticConfigurationSource. - properties: - name: - description: Name specifies the name of the cluster being - referenced. - type: string - required: - - name - type: object - staticConfiguration: - description: StaticConfiguration holds connection parameters to - Kafka and Admin APIs. - properties: - admin: - description: |- - AdminAPISpec is the configuration information for communicating with the Admin - API of a Redpanda cluster where the object should be created. - properties: - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - token: - description: Specifies token for token-based authentication - (only used if no username/password are provided). - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - urls: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - required: - - urls - type: object - kafka: - description: |- - Kafka is the configuration information for communicating with the Kafka - API of a Redpanda cluster where the object should be created. - properties: - brokers: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - awsMskIam: - description: |- - KafkaSASLAWSMskIam is the config for AWS IAM SASL mechanism, - see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html - properties: - accessKey: - type: string - secretKeySecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - sessionTokenSecretRef: - description: |- - SessionToken, if non-empty, is a session / security token to use for authentication. - See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - userAgent: - description: |- - UserAgent is the user agent to for the client to use when connecting - to Kafka, overriding the default "franz-go//". - - Setting a UserAgent allows authorizing based on the aws:UserAgent - condition key; see the following link for more details: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-useragent - type: string - required: - - accessKey - - secretKeySecretRef - - sessionTokenSecretRef - - userAgent - type: object - gssapi: - description: KafkaSASLGSSAPI represents the Kafka - Kerberos config. - properties: - authType: - type: string - enableFast: - description: |- - EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. - It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. - FAST provides increased resistance to passive password guessing attacks. - type: boolean - kerberosConfigPath: - type: string - keyTabPath: - type: string - passwordSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - realm: - type: string - serviceName: - type: string - username: - type: string - required: - - authType - - enableFast - - kerberosConfigPath - - keyTabPath - - passwordSecretRef - - realm - - serviceName - - username - type: object - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - oauth: - description: KafkaSASLOAuthBearer is the config struct - for the SASL OAuthBearer mechanism - properties: - tokenSecretRef: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value - from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - required: - - tokenSecretRef - type: object - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - required: - - brokers - type: object - schemaRegistry: - description: |- - SchemaRegistry is the configuration information for communicating with the Schema Registry - API of a Redpanda cluster where the object should be created. - properties: - sasl: - description: Defines authentication configuration settings - for Redpanda clusters that have authentication enabled. - properties: - mechanism: - description: Specifies the SASL/SCRAM authentication - mechanism. - type: string - passwordSecretRef: - description: Specifies the password. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - token: - description: |- - SecretKeyRef contains enough information to inspect or modify the referred Secret data - See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - username: - description: Specifies the username. - type: string - required: - - mechanism - type: object - tls: - description: Defines TLS configuration settings for Redpanda - clusters that have TLS enabled. - properties: - caCertSecretRef: - description: CaCert is the reference for certificate - authority used to establish TLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - certSecretRef: - description: Cert is the reference for client public - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - insecureSkipTlsVerify: - description: InsecureSkipTLSVerify can skip verifying - Redpanda self-signed certificate when establish - TLS connection to Redpanda - type: boolean - keySecretRef: - description: Key is the reference for client private - certificate to establish mTLS connection to Redpanda - properties: - key: - description: Key in Secret data to get value from - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - name - type: object - type: object - urls: - description: Specifies a list of broker addresses in the - format : - items: - type: string - type: array - required: - - urls - type: object - type: object - type: object - x-kubernetes-validations: - - message: 'spec.cluster.staticConfiguration.admin: required value' - rule: '!has(self.staticConfiguration) || has(self.staticConfiguration.admin)' - - message: 'spec.cluster.staticConfiguration.kafka: required value' - rule: '!has(self.staticConfiguration) || has(self.staticConfiguration.kafka)' - - message: either clusterRef or staticConfiguration must be set - rule: has(self.clusterRef) || has(self.staticConfiguration) - - message: ClusterSource is immutable - rule: self == oldSelf - template: - description: Template to specify how user secrets are generated. - properties: - secret: - description: Specifies how the Secret with a user password is - generated. - properties: - metadata: - description: Metadata specifies additional metadata to associate - with a resource. - properties: - annotations: - additionalProperties: - type: string - description: Annotations specifies the Kubernetes annotations - to apply to a managed resource. - type: object - labels: - additionalProperties: - type: string - description: Labels specifies the Kubernetes labels to - apply to a managed resource. - type: object - type: object - required: - - metadata - type: object - type: object - required: - - cluster - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Synced - description: Represents the current status of the Redpanda user. - properties: - conditions: - description: Conditions holds the conditions for the Redpanda user. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - managedAcls: - description: |- - ManagedACLs returns whether the user has managed ACLs that need - to be cleaned up. - type: boolean - managedUser: - description: |- - ManagedUser returns whether the user has a managed SCRAM user that need - to be cleaned up. - type: boolean - observedGeneration: - description: Specifies the last observed generation. - format: int64 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {}