Top Level API Objects
Definitions
api.NodePlacement
NodePlacement describes node scheduling configuration.
| Name | Description | Schema |
|---|---|---|
affinity |
affinity enables pod affinity/anti-affinity placement expanding the types of constraints that can be expressed with nodeSelector. affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
|
nodeSelector |
nodeSelector is the node selector applied to the relevant kind of pods It specifies a map of key-value pairs: for the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
< string, string > map |
tolerations |
tolerations is a list of tolerations applied to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. These are additional tolerations other than default ones. |
< v1.Toleration > array |
resource.Quantity
Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.
The serialization format is:
<quantity> ::= <signedNumber><suffix>
(Note that <suffix> may be empty, from the "" case in <decimalSI>.)
<digit> ::= 0 | 1 | … | 9 <digits> ::= <digit> | <digit><digits> <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits> <sign> ::= "+" | "-" <signedNumber> ::= <number> | <sign><number> <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI> <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei
(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)
<decimalSI> ::= m | "" | k | M | G | T | P | E
(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)
<decimalExponent> ::= "e" <signedNumber> | "E" <signedNumber>
No matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.
When a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.
Before serializing, Quantity will be put in "canonical form". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:
-
No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.
The sign will be omitted unless the number is negative.
Examples:
-
1.5 will be serialized as "1500m" - 1.5Gi will be serialized as "1536Mi"
Note that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.
Non-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don’t diff.)
This format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.
Type : string
runtime.RawExtension
RawExtension is used to hold extensions in external versions.
To use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.
type MyAPIObject struct {
runtime.TypeMeta `json:",inline"`
MyPlugin runtime.Object `json:"myPlugin"`
}
type PluginA struct {
AOption string `json:"aOption"`
}
type MyAPIObject struct {
runtime.TypeMeta `json:",inline"`
MyPlugin runtime.RawExtension `json:"myPlugin"`
}
type PluginA struct {
AOption string `json:"aOption"`
}
{
"kind":"MyAPIObject",
"apiVersion":"v1",
"myPlugin": {
"kind":"PluginA",
"aOption":"foo",
},
}
So what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package’s DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)
Type : object
v1.APIGroup
APIGroup contains the name, the supported versions, and the preferred version of a group.
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
name |
name is the name of the group. |
string |
preferredVersion |
preferredVersion is the version preferred by the API server, which probably is the storage version. |
|
serverAddressByClientCIDRs |
a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP. |
< v1.ServerAddressByClientCIDR > array |
versions |
versions are the versions supported in this group. |
< v1.GroupVersionForDiscovery > array |
v1.APIGroupList
APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
groups |
groups is a list of APIGroup. |
< v1.APIGroup > array |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
v1.APIResource
APIResource specifies the name of a resource and whether it is namespaced.
| Name | Description | Schema |
|---|---|---|
categories |
categories is a list of the grouped resources this resource belongs to (e.g. 'all') |
< string > array |
group |
group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale". |
string |
kind |
kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo') |
string |
name |
name is the plural name of the resource. |
string |
namespaced |
namespaced indicates if a resource is namespaced or not. |
boolean |
shortNames |
shortNames is a list of suggested short names of the resource. |
< string > array |
singularName |
singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface. |
string |
storageVersionHash |
The hash value of the storage version, the version this resource is converted to when written to the data store. Value must be treated as opaque by clients. Only equality comparison on the value is valid. This is an alpha feature and may change or be removed in the future. The field is populated by the apiserver only if the StorageVersionHash feature gate is enabled. This field will remain optional even if it graduates. |
string |
verbs |
verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy) |
< string > array |
version |
version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource’s group)". |
string |
v1.APIResourceList
APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
groupVersion |
groupVersion is the group and version this APIResourceList is for. |
string |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
resources |
resources contains the name of the resources and if they are namespaced. |
< v1.APIResource > array |
v1.Affinity
Affinity is a group of affinity scheduling rules.
| Name | Description | Schema |
|---|---|---|
nodeAffinity |
Describes node affinity scheduling rules for the pod. |
|
podAffinity |
Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). |
|
podAntiAffinity |
Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). |
v1.Condition
Condition represents the state of the operator’s reconciliation functionality.
| Name | Description | Schema |
|---|---|---|
lastHeartbeatTime |
||
lastTransitionTime |
||
message |
string |
|
reason |
string |
|
status |
Default : |
string |
type |
Default : |
string |
v1.CustomTLSProfile
CustomTLSProfile is a user-defined TLS security profile. Be extremely careful using a custom TLS profile as invalid configurations can be catastrophic.
| Name | Description | Schema | ||
|---|---|---|---|---|
ciphers |
ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): ciphers: - DES-CBC3-SHA |
< string > array |
||
minTLSVersion |
minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): minTLSVersion: TLSv1.1
|
string |
v1.DeleteOptions
DeleteOptions may be provided when deleting an API object.
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
dryRun |
When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed |
< string > array |
gracePeriodSeconds |
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. |
integer (int64) |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
orphanDependents |
Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both. |
boolean |
preconditions |
Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned. |
|
propagationPolicy |
Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground. |
string |
v1.Duration
Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.
Type : string
v1.FieldsV1
FieldsV1 stores a set of fields in a data structure like a Trie, in JSON format.
Each key is either a '.' representing the field itself, and will always map to an empty set, or a string representing a sub-field or item. The string will follow one of these four formats: 'f:<name>', where <name> is the name of a field in a struct, or key in a map 'v:<value>', where <value> is the exact json formatted value of a list item 'i:<index>', where <index> is position of a item in a list 'k:<keys>', where <keys> is a map of a list item’s key fields to their unique values If a key maps to an empty Fields value, the field that key represents is part of the set.
The exact format is defined in sigs.k8s.io/structured-merge-diff
Type : object
v1.GroupVersionForDiscovery
GroupVersion contains the "group/version" and "version" string of a version. It is made a struct to keep extensibility.
| Name | Description | Schema |
|---|---|---|
groupVersion |
groupVersion specifies the API group and version in the form "group/version" |
string |
version |
version specifies the version in the form of "version". This is to save the clients the trouble of splitting the GroupVersion. |
string |
v1.IntermediateTLSProfile
IntermediateTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
Type : object
v1.LabelSelector
A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
| Name | Description | Schema |
|---|---|---|
matchExpressions |
matchExpressions is a list of label selector requirements. The requirements are ANDed. |
< v1.LabelSelectorRequirement > array |
matchLabels |
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. |
< string, string > map |
v1.LabelSelectorRequirement
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Name | Description | Schema |
|---|---|---|
key |
key is the label key that the selector applies to. |
string |
operator |
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. |
string |
values |
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. |
< string > array |
v1.ListMeta
ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.
| Name | Description | Schema |
|---|---|---|
continue |
continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. |
string |
remainingItemCount |
remainingItemCount is the number of subsequent items in the list which are not included in this list response. If the list request contained label or field selectors, then the number of remaining items is unknown and the field will be left unset and omitted during serialization. If the list is complete (either because it is not chunking or because this is the last chunk), then there are no more remaining items and this field will be left unset and omitted during serialization. Servers older than v1.15 do not set this field. The intended use of the remainingItemCount is estimating the size of a collection. Clients should not rely on the remainingItemCount to be set or to be exact. |
integer (int64) |
resourceVersion |
String that identifies the server’s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency |
string |
selfLink |
Deprecated: selfLink is a legacy read-only field that is no longer populated by the system. |
string |
v1.LocalObjectReference
LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
| Name | Description | Schema |
|---|---|---|
name |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
string |
v1.ManagedFieldsEntry
ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. |
string |
fieldsType |
FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: "FieldsV1" |
string |
fieldsV1 |
FieldsV1 holds the first JSON version format as described in the "FieldsV1" type. |
|
manager |
Manager is an identifier of the workflow managing these fields. |
string |
operation |
Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. |
string |
subresource |
Subresource is the name of the subresource used to update that object, or empty string if the object was updated through the main resource. The value of this field is used to distinguish between managers, even if they share the same name. For example, a status update will be distinct from a regular update using the same manager name. Note that the APIVersion field is not related to the Subresource field and it always corresponds to the version of the main resource. |
string |
time |
Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over. |
v1.ModernTLSProfile
ModernTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
Type : object
v1.NodeAffinity
Node affinity is a group of node affinity scheduling rules.
| Name | Description | Schema |
|---|---|---|
preferredDuringSchedulingIgnoredDuringExecution |
The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. |
< v1.PreferredSchedulingTerm > array |
requiredDuringSchedulingIgnoredDuringExecution |
If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. |
v1.NodeSelector
A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.
| Name | Description | Schema |
|---|---|---|
nodeSelectorTerms |
Required. A list of node selector terms. The terms are ORed. |
< v1.NodeSelectorTerm > array |
v1.NodeSelectorRequirement
A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Name | Description | Schema |
|---|---|---|
key |
The label key that the selector applies to. |
string |
operator |
Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. Possible enum values:
- |
enum (DoesNotExist, Exists, Gt, In, Lt, NotIn) |
values |
An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. |
< string > array |
v1.NodeSelectorTerm
A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
| Name | Description | Schema |
|---|---|---|
matchExpressions |
A list of node selector requirements by node’s labels. |
< v1.NodeSelectorRequirement > array |
matchFields |
A list of node selector requirements by node’s fields. |
< v1.NodeSelectorRequirement > array |
v1.ObjectMeta
ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.
| Name | Description | Schema |
|---|---|---|
annotations |
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations |
< string, string > map |
creationTimestamp |
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata |
|
deletionGracePeriodSeconds |
Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. |
integer (int64) |
deletionTimestamp |
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata |
|
finalizers |
Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list. |
< string > array |
generateName |
GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will return a 409. Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency |
string |
generation |
A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. |
integer (int64) |
labels |
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels |
< string, string > map |
managedFields |
ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn’t need to set or understand this field. A workflow can be the user’s name, a controller’s name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object. |
< v1.ManagedFieldsEntry > array |
name |
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names |
string |
namespace |
Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces |
string |
ownerReferences |
List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. |
< v1.OwnerReference > array |
resourceVersion |
An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency |
string |
selfLink |
Deprecated: selfLink is a legacy read-only field that is no longer populated by the system. |
string |
uid |
UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids |
string |
v1.OldTLSProfile
OldTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
Type : object
v1.OwnerReference
OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.
| Name | Description | Schema |
|---|---|---|
apiVersion |
API version of the referent. |
string |
blockOwnerDeletion |
If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. |
boolean |
controller |
If true, this reference points to the managing controller. |
boolean |
kind |
Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
name |
Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names |
string |
uid |
UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids |
string |
v1.Patch
Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.
Type : object
v1.PersistentVolumeClaimSpec
PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes
| Name | Description | Schema |
|---|---|---|
accessModes |
accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 |
< string > array |
dataSource |
dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. |
|
dataSourceRef |
dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. |
|
resources |
resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources |
|
selector |
selector is a label query over volumes to consider for binding. |
|
storageClassName |
storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 |
string |
volumeMode |
volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. Possible enum values:
- |
enum (Block, Filesystem) |
volumeName |
volumeName is the binding reference to the PersistentVolume backing this claim. |
string |
v1.PodAffinity
Pod affinity is a group of inter pod affinity scheduling rules.
| Name | Description | Schema |
|---|---|---|
preferredDuringSchedulingIgnoredDuringExecution |
The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. |
< v1.WeightedPodAffinityTerm > array |
requiredDuringSchedulingIgnoredDuringExecution |
If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. |
< v1.PodAffinityTerm > array |
v1.PodAffinityTerm
Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
| Name | Description | Schema |
|---|---|---|
labelSelector |
A label query over a set of resources, in this case pods. |
|
namespaceSelector |
A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces. |
|
namespaces |
namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace". |
< string > array |
topologyKey |
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. |
string |
v1.PodAntiAffinity
Pod anti affinity is a group of inter pod anti affinity scheduling rules.
| Name | Description | Schema |
|---|---|---|
preferredDuringSchedulingIgnoredDuringExecution |
The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. |
< v1.WeightedPodAffinityTerm > array |
requiredDuringSchedulingIgnoredDuringExecution |
If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. |
< v1.PodAffinityTerm > array |
v1.Preconditions
Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.
| Name | Description | Schema |
|---|---|---|
resourceVersion |
Specifies the target ResourceVersion |
string |
uid |
Specifies the target UID. |
string |
v1.PreferredSchedulingTerm
An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
| Name | Description | Schema |
|---|---|---|
preference |
A node selector term, associated with the corresponding weight. |
|
weight |
Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. |
integer (int32) |
v1.ResourceClaim
ResourceClaim references one entry in PodSpec.ResourceClaims.
| Name | Description | Schema |
|---|---|---|
name |
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. |
string |
v1.ResourceRequirements
ResourceRequirements describes the compute resource requirements.
| Name | Description | Schema |
|---|---|---|
claims |
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. |
< v1.ResourceClaim > array |
limits |
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
< string, resource.Quantity > map |
requests |
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
< string, resource.Quantity > map |
v1.RootPaths
RootPaths lists the paths available at root. For example: "/healthz", "/apis".
| Name | Description | Schema |
|---|---|---|
paths |
paths are the paths available at root. |
< string > array |
v1.ServerAddressByClientCIDR
ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.
| Name | Description | Schema |
|---|---|---|
clientCIDR |
The CIDR with which clients can match their IP to figure out the server address that they should use. |
string |
serverAddress |
Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port. |
string |
v1.Status
Status is a return value for calls that don’t return other objects.
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
code |
Suggested HTTP return code for this status, 0 if not set. |
integer (int32) |
details |
Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. |
|
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
message |
A human-readable description of the status of this operation. |
string |
metadata |
Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
|
reason |
A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. |
string |
status |
Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
string |
v1.StatusCause
StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
| Name | Description | Schema |
|---|---|---|
field |
The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" |
string |
message |
A human-readable description of the cause of the error. This field may be presented as-is to a reader. |
string |
reason |
A machine-readable description of the cause of the error. If this value is empty there is no information available. |
string |
v1.StatusDetails
StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.
| Name | Description | Schema |
|---|---|---|
causes |
The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. |
< v1.StatusCause > array |
group |
The group attribute of the resource associated with the status StatusReason. |
string |
kind |
The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
name |
The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). |
string |
retryAfterSeconds |
If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. |
integer (int32) |
uid |
UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids |
string |
v1.TLSSecurityProfile
TLSSecurityProfile defines the schema for a TLS security profile. This object is used by operators to apply TLS security settings to operands.
| Name | Description | Schema | ||
|---|---|---|---|---|
custom |
custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1 |
|||
intermediate |
intermediate is a TLS security profile based on: and looks like this (yaml): ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2 |
|||
modern |
modern is a TLS security profile based on: and looks like this (yaml): ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
|
|||
old |
old is a TLS security profile based on: and looks like this (yaml): ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0 |
|||
type |
type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on: The profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced. Note that the Modern profile is currently not supported because it is not yet well adopted by common software libraries. |
string |
v1.Time
Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.
Type : string (date-time)
v1.Toleration
The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
| Name | Description | Schema |
|---|---|---|
effect |
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. Possible enum values:
- |
enum (NoExecute, NoSchedule, PreferNoSchedule) |
key |
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
string |
operator |
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. Possible enum values:
- |
enum (Equal, Exists) |
tolerationSeconds |
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. |
integer (int64) |
value |
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. |
string |
v1.TypedLocalObjectReference
TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.
| Name | Description | Schema |
|---|---|---|
apiGroup |
APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. |
string |
kind |
Kind is the type of resource being referenced |
string |
name |
Name is the name of resource being referenced |
string |
v1.TypedObjectReference
| Name | Description | Schema |
|---|---|---|
apiGroup |
APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. |
string |
kind |
Kind is the type of resource being referenced |
string |
name |
Name is the name of resource being referenced |
string |
namespace |
Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. |
string |
v1.WatchEvent
Event represents a single event to a watched resource.
| Name | Description | Schema |
|---|---|---|
object |
Object is: * If Type is Added or Modified: the new state of the object. * If Type is Deleted: the state of the object immediately before deletion. * If Type is Error: *Status is recommended; other types may make sense depending on context. |
|
type |
Default : |
string |
v1.WeightedPodAffinityTerm
The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
| Name | Description | Schema |
|---|---|---|
podAffinityTerm |
Required. A pod affinity term, associated with the corresponding weight. |
|
weight |
weight associated with matching the corresponding podAffinityTerm, in the range 1-100. |
integer (int32) |
v1beta1.CDI
CDI is the CDI Operator CRD
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
||
spec |
||
status |
v1beta1.CDICertConfig
CDICertConfig has the CertConfigs for CDI
| Name | Description | Schema |
|---|---|---|
ca |
CA configuration CA certs are kept in the CA bundle as long as they are valid |
|
server |
Server configuration Certs are rotated and discarded |
v1beta1.CDIConfig
CDIConfig provides a user configuration for CDI
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
||
spec |
||
status |
v1beta1.CDIConfigList
CDIConfigList provides the needed parameters to do request a list of CDIConfigs from the system
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
items |
Items provides a list of CDIConfigs |
< v1beta1.CDIConfig > array |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
v1beta1.CDIConfigSpec
CDIConfigSpec defines specification for user configuration
| Name | Description | Schema |
|---|---|---|
dataVolumeTTLSeconds |
DataVolumeTTLSeconds is the time in seconds after DataVolume completion it can be garbage collected. Disabled by default. |
integer (int32) |
featureGates |
FeatureGates are a list of specific enabled feature gates |
< string > array |
filesystemOverhead |
FilesystemOverhead describes the space reserved for overhead when using Filesystem volumes. A value is between 0 and 1, if not defined it is 0.055 (5.5% overhead) |
|
imagePullSecrets |
The imagePullSecrets used to pull the container images |
< v1.LocalObjectReference > array |
importProxy |
ImportProxy contains importer pod proxy configuration. |
|
insecureRegistries |
InsecureRegistries is a list of TLS disabled registries |
< string > array |
logVerbosity |
LogVerbosity overrides the default verbosity level used to initialize loggers |
integer (int32) |
podResourceRequirements |
ResourceRequirements describes the compute resource requirements. |
|
preallocation |
Preallocation controls whether storage for DataVolumes should be allocated in advance. |
boolean |
scratchSpaceStorageClass |
Override the storage class to used for scratch space during transfer operations. The scratch space storage class is determined in the following order: 1. value of scratchSpaceStorageClass, if that doesn’t exist, use the default storage class, if there is no default storage class, use the storage class of the DataVolume, if no storage class specified, use no storage class for scratch space |
string |
tlsSecurityProfile |
TLSSecurityProfile is used by operators to apply cluster-wide TLS security settings to operands. |
|
uploadProxyURLOverride |
Override the URL used when uploading to a DataVolume |
string |
v1beta1.CDIConfigStatus
CDIConfigStatus provides the most recently observed status of the CDI Config resource
| Name | Description | Schema |
|---|---|---|
defaultPodResourceRequirements |
ResourceRequirements describes the compute resource requirements. |
|
filesystemOverhead |
FilesystemOverhead describes the space reserved for overhead when using Filesystem volumes. A percentage value is between 0 and 1 |
|
imagePullSecrets |
The imagePullSecrets used to pull the container images |
< v1.LocalObjectReference > array |
importProxy |
ImportProxy contains importer pod proxy configuration. |
|
preallocation |
Preallocation controls whether storage for DataVolumes should be allocated in advance. |
boolean |
scratchSpaceStorageClass |
The calculated storage class to be used for scratch space |
string |
uploadProxyURL |
The calculated upload proxy URL |
string |
v1beta1.CDIList
CDIList provides the needed parameters to do request a list of CDIs from the system
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
items |
Items provides a list of CDIs |
< v1beta1.CDI > array |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
v1beta1.CDISpec
CDISpec defines our specification for the CDI installation
| Name | Description | Schema |
|---|---|---|
certConfig |
certificate configuration |
|
cloneStrategyOverride |
Clone strategy override: should we use a host-assisted copy even if snapshots are available? |
string |
config |
CDIConfig at CDI level |
|
imagePullPolicy |
PullPolicy describes a policy for if/when to pull a container image Possible enum values:
- |
enum (Always, IfNotPresent, Never) |
infra |
Rules on which nodes CDI infrastructure pods will be scheduled |
|
priorityClass |
PriorityClass of the CDI control plane |
string |
uninstallStrategy |
CDIUninstallStrategy defines the state to leave CDI on uninstall |
string |
workload |
Restrict on which nodes CDI workload pods will be scheduled |
v1beta1.CDIStatus
CDIStatus defines the status of the installation
| Name | Description | Schema |
|---|---|---|
conditions |
A list of current conditions of the resource |
< v1.Condition > array |
observedVersion |
The observed version of the resource |
string |
operatorVersion |
The version of the resource as defined by the operator |
string |
phase |
string |
|
targetVersion |
The desired version of the resource |
string |
v1beta1.CertConfig
CertConfig contains the tunables for TLS certificates
| Name | Description | Schema |
|---|---|---|
duration |
The requested 'duration' (i.e. lifetime) of the Certificate. |
|
renewBefore |
The amount of time before the currently issued certificate’s |
v1beta1.DataImportCron
DataImportCron defines a cron job for recurring polling/importing disk images as PVCs into a golden image namespace
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
||
spec |
||
status |
v1beta1.DataImportCronCondition
DataImportCronCondition represents the state of a data import cron condition
| Name | Description | Schema |
|---|---|---|
lastHeartbeatTime |
||
lastTransitionTime |
||
message |
string |
|
reason |
string |
|
status |
Default : |
string |
type |
Default : |
string |
v1beta1.DataImportCronList
DataImportCronList provides the needed parameters to do request a list of DataImportCrons from the system
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
items |
Items provides a list of DataImportCrons |
< v1beta1.DataImportCron > array |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
v1beta1.DataImportCronSpec
DataImportCronSpec defines specification for DataImportCron
| Name | Description | Schema |
|---|---|---|
garbageCollect |
GarbageCollect specifies whether old PVCs should be cleaned up after a new PVC is imported. Options are currently "Outdated" and "Never", defaults to "Outdated". |
string |
importsToKeep |
Number of import PVCs to keep when garbage collecting. Default is 3. |
integer (int32) |
managedDataSource |
ManagedDataSource specifies the name of the corresponding DataSource this cron will manage. DataSource has to be in the same namespace. |
string |
retentionPolicy |
RetentionPolicy specifies whether the created DataVolumes and DataSources are retained when their DataImportCron is deleted. Default is RatainAll. |
string |
schedule |
Schedule specifies in cron format when and how often to look for new imports |
string |
template |
Template specifies template for the DVs to be created |
v1beta1.DataImportCronStatus
DataImportCronStatus provides the most recently observed status of the DataImportCron
| Name | Description | Schema |
|---|---|---|
conditions |
< v1beta1.DataImportCronCondition > array |
|
currentImports |
CurrentImports are the imports in progress. Currently only a single import is supported. |
< v1beta1.ImportStatus > array |
lastExecutionTimestamp |
LastExecutionTimestamp is the time of the last polling |
|
lastImportTimestamp |
LastImportTimestamp is the time of the last import |
|
lastImportedPVC |
LastImportedPVC is the last imported PVC |
|
sourceFormat |
SourceFormat defines the format of the DataImportCron-created disk image sources |
string |
v1beta1.DataSource
DataSource references an import/clone source for a DataVolume
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
||
spec |
||
status |
v1beta1.DataSourceCondition
DataSourceCondition represents the state of a data source condition
| Name | Description | Schema |
|---|---|---|
lastHeartbeatTime |
||
lastTransitionTime |
||
message |
string |
|
reason |
string |
|
status |
Default : |
string |
type |
Default : |
string |
v1beta1.DataSourceList
DataSourceList provides the needed parameters to do request a list of Data Sources from the system
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
items |
Items provides a list of DataSources |
< v1beta1.DataSource > array |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
v1beta1.DataSourceSource
DataSourceSource represents the source for our DataSource
| Name | Schema |
|---|---|
pvc |
|
snapshot |
v1beta1.DataSourceSpec
DataSourceSpec defines specification for DataSource
| Name | Description | Schema |
|---|---|---|
source |
Source is the source of the data referenced by the DataSource |
v1beta1.DataSourceStatus
DataSourceStatus provides the most recently observed status of the DataSource
| Name | Description | Schema |
|---|---|---|
conditions |
< v1beta1.DataSourceCondition > array |
|
source |
Source is the current source of the data referenced by the DataSource |
v1beta1.DataVolume
DataVolume is an abstraction on top of PersistentVolumeClaims to allow easy population of those PersistentVolumeClaims with relation to VirtualMachines
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
||
spec |
||
status |
v1beta1.DataVolumeBlankImage
DataVolumeBlankImage provides the parameters to create a new raw blank image for the PVC
Type : object
v1beta1.DataVolumeCheckpoint
DataVolumeCheckpoint defines a stage in a warm migration.
| Name | Description | Schema |
|---|---|---|
current |
Current is the identifier of the snapshot created for this checkpoint. |
string |
previous |
Previous is the identifier of the snapshot from the previous checkpoint. |
string |
v1beta1.DataVolumeCondition
DataVolumeCondition represents the state of a data volume condition.
| Name | Description | Schema |
|---|---|---|
lastHeartbeatTime |
||
lastTransitionTime |
||
message |
string |
|
reason |
string |
|
status |
Default : |
string |
type |
Default : |
string |
v1beta1.DataVolumeList
DataVolumeList provides the needed parameters to do request a list of Data Volumes from the system
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
items |
Items provides a list of DataVolumes |
< v1beta1.DataVolume > array |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
v1beta1.DataVolumeSource
DataVolumeSource represents the source for our Data Volume, this can be HTTP, Imageio, S3, GCS, Registry or an existing PVC
| Name | Schema |
|---|---|
blank |
|
gcs |
|
http |
|
imageio |
|
pvc |
|
registry |
|
s3 |
|
snapshot |
|
upload |
|
vddk |
v1beta1.DataVolumeSourceGCS
DataVolumeSourceGCS provides the parameters to create a Data Volume from an GCS source
| Name | Description | Schema |
|---|---|---|
secretRef |
SecretRef provides the secret reference needed to access the GCS source |
string |
url |
URL is the url of the GCS source |
string |
v1beta1.DataVolumeSourceHTTP
DataVolumeSourceHTTP can be either an http or https endpoint, with an optional basic auth user name and password, and an optional configmap containing additional CAs
| Name | Description | Schema |
|---|---|---|
certConfigMap |
CertConfigMap is a configmap reference, containing a Certificate Authority(CA) public key, and a base64 encoded pem certificate |
string |
extraHeaders |
ExtraHeaders is a list of strings containing extra headers to include with HTTP transfer requests |
< string > array |
secretExtraHeaders |
SecretExtraHeaders is a list of Secret references, each containing an extra HTTP header that may include sensitive information |
< string > array |
secretRef |
SecretRef A Secret reference, the secret should contain accessKeyId (user name) base64 encoded, and secretKey (password) also base64 encoded |
string |
url |
URL is the URL of the http(s) endpoint |
string |
v1beta1.DataVolumeSourceImageIO
DataVolumeSourceImageIO provides the parameters to create a Data Volume from an imageio source
| Name | Description | Schema |
|---|---|---|
certConfigMap |
CertConfigMap provides a reference to the CA cert |
string |
diskId |
DiskID provides id of a disk to be imported |
string |
secretRef |
SecretRef provides the secret reference needed to access the ovirt-engine |
string |
url |
URL is the URL of the ovirt-engine |
string |
v1beta1.DataVolumeSourcePVC
DataVolumeSourcePVC provides the parameters to create a Data Volume from an existing PVC
| Name | Description | Schema |
|---|---|---|
name |
The name of the source PVC |
string |
namespace |
The namespace of the source PVC |
string |
v1beta1.DataVolumeSourceRef
DataVolumeSourceRef defines an indirect reference to the source of data for the DataVolume
| Name | Description | Schema |
|---|---|---|
kind |
The kind of the source reference, currently only "DataSource" is supported |
string |
name |
The name of the source reference |
string |
namespace |
The namespace of the source reference, defaults to the DataVolume namespace |
string |
v1beta1.DataVolumeSourceRegistry
DataVolumeSourceRegistry provides the parameters to create a Data Volume from an registry source
| Name | Description | Schema |
|---|---|---|
certConfigMap |
CertConfigMap provides a reference to the Registry certs |
string |
imageStream |
ImageStream is the name of image stream for import |
string |
pullMethod |
PullMethod can be either "pod" (default import), or "node" (node docker cache based import) |
string |
secretRef |
SecretRef provides the secret reference needed to access the Registry source |
string |
url |
URL is the url of the registry source (starting with the scheme: docker, oci-archive) |
string |
v1beta1.DataVolumeSourceS3
DataVolumeSourceS3 provides the parameters to create a Data Volume from an S3 source
| Name | Description | Schema |
|---|---|---|
certConfigMap |
CertConfigMap is a configmap reference, containing a Certificate Authority(CA) public key, and a base64 encoded pem certificate |
string |
secretRef |
SecretRef provides the secret reference needed to access the S3 source |
string |
url |
URL is the url of the S3 source |
string |
v1beta1.DataVolumeSourceSnapshot
DataVolumeSourceSnapshot provides the parameters to create a Data Volume from an existing VolumeSnapshot
| Name | Description | Schema |
|---|---|---|
name |
The name of the source VolumeSnapshot |
string |
namespace |
The namespace of the source VolumeSnapshot |
string |
v1beta1.DataVolumeSourceUpload
DataVolumeSourceUpload provides the parameters to create a Data Volume by uploading the source
Type : object
v1beta1.DataVolumeSourceVDDK
DataVolumeSourceVDDK provides the parameters to create a Data Volume from a Vmware source
| Name | Description | Schema |
|---|---|---|
backingFile |
BackingFile is the path to the virtual hard disk to migrate from vCenter/ESXi |
string |
initImageURL |
InitImageURL is an optional URL to an image containing an extracted VDDK library, overrides v2v-vmware config map |
string |
secretRef |
SecretRef provides a reference to a secret containing the username and password needed to access the vCenter or ESXi host |
string |
thumbprint |
Thumbprint is the certificate thumbprint of the vCenter or ESXi host |
string |
url |
URL is the URL of the vCenter or ESXi host with the VM to migrate |
string |
uuid |
UUID is the UUID of the virtual machine that the backing file is attached to in vCenter/ESXi |
string |
v1beta1.DataVolumeSpec
DataVolumeSpec defines the DataVolume type specification
| Name | Description | Schema |
|---|---|---|
checkpoints |
Checkpoints is a list of DataVolumeCheckpoints, representing stages in a multistage import. |
< v1beta1.DataVolumeCheckpoint > array |
contentType |
DataVolumeContentType options: "kubevirt", "archive" |
string |
finalCheckpoint |
FinalCheckpoint indicates whether the current DataVolumeCheckpoint is the final checkpoint. |
boolean |
preallocation |
Preallocation controls whether storage for DataVolumes should be allocated in advance. |
boolean |
priorityClassName |
PriorityClassName for Importer, Cloner and Uploader pod |
string |
pvc |
PVC is the PVC specification |
|
source |
Source is the src of the data for the requested DataVolume |
|
sourceRef |
SourceRef is an indirect reference to the source of data for the requested DataVolume |
|
storage |
Storage is the requested storage specification |
v1beta1.DataVolumeStatus
DataVolumeStatus contains the current status of the DataVolume
| Name | Description | Schema |
|---|---|---|
claimName |
ClaimName is the name of the underlying PVC used by the DataVolume. |
string |
conditions |
< v1beta1.DataVolumeCondition > array |
|
phase |
Phase is the current phase of the data volume |
string |
progress |
string |
|
restartCount |
RestartCount is the number of times the pod populating the DataVolume has restarted |
integer (int32) |
v1beta1.FilesystemOverhead
FilesystemOverhead defines the reserved size for PVCs with VolumeMode: Filesystem
| Name | Description | Schema |
|---|---|---|
global |
Global is how much space of a Filesystem volume should be reserved for overhead. This value is used unless overridden by a more specific value (per storageClass) |
string |
storageClass |
StorageClass specifies how much space of a Filesystem volume should be reserved for safety. The keys are the storageClass and the values are the overhead. This value overrides the global value |
< string, string > map |
v1beta1.ImportProxy
ImportProxy provides the information on how to configure the importer pod proxy.
| Name | Description | Schema |
|---|---|---|
HTTPProxy |
HTTPProxy is the URL http://<username>:<pswd>@<ip>:<port>; of the import proxy for HTTP requests. Empty means unset and will not result in the import pod env var. |
string |
HTTPSProxy |
HTTPSProxy is the URL https://<username>:<pswd>@<ip>:<port>; of the import proxy for HTTPS requests. Empty means unset and will not result in the import pod env var. |
string |
noProxy |
NoProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in the import pod env var. |
string |
trustedCAProxy |
TrustedCAProxy is the name of a ConfigMap in the cdi namespace that contains a user-provided trusted certificate authority (CA) bundle. The TrustedCAProxy ConfigMap is consumed by the DataImportCron controller for creating cronjobs, and by the import controller referring a copy of the ConfigMap in the import namespace. Here is an example of the ConfigMap (in yaml): apiVersion: v1 kind: ConfigMap metadata: name: my-ca-proxy-cm namespace: cdi data: ca.pem: | —–BEGIN CERTIFICATE—– … <base64 encoded cert> … —–END CERTIFICATE—– |
string |
v1beta1.ImportStatus
ImportStatus of a currently in progress import
| Name | Description | Schema |
|---|---|---|
DataVolumeName |
DataVolumeName is the currently in progress import DataVolume |
string |
Digest |
Digest of the currently imported image |
string |
v1beta1.StorageSpec
StorageSpec defines the Storage type specification
| Name | Description | Schema |
|---|---|---|
accessModes |
AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 |
< string > array |
dataSource |
This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) * An existing custom resource that implements data population (Alpha) In order to use custom resource types that implement data population, the AnyVolumeDataSource feature gate must be enabled. If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field. |
|
dataSourceRef |
Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. |
|
resources |
Resources represents the minimum resources the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources |
|
selector |
A label query over volumes to consider for binding. |
|
storageClassName |
Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 |
string |
volumeMode |
volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. Possible enum values:
- |
enum (Block, Filesystem) |
volumeName |
VolumeName is the binding reference to the PersistentVolume backing this claim. |
string |
v1beta1.UploadTokenRequest
UploadTokenRequest is the CR used to initiate a CDI upload
| Name | Description | Schema |
|---|---|---|
apiVersion |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
string |
kind |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
string |
metadata |
||
spec |
Spec contains the parameters of the request |
|
status |
Status contains the status of the request |
v1beta1.UploadTokenRequestSpec
UploadTokenRequestSpec defines the parameters of the token request
| Name | Description | Schema |
|---|---|---|
pvcName |
PvcName is the name of the PVC to upload to |
string |
v1beta1.UploadTokenRequestStatus
UploadTokenRequestStatus stores the status of a token request
| Name | Description | Schema |
|---|---|---|
token |
Token is a JWT token to be inserted in "Authentication Bearer header" |
string |