Skip to content
Snippets Groups Projects
0thanosrulerCustomResourceDefinition.yaml 391 KiB
Newer Older
paulfantom's avatar
paulfantom committed
                            type: string
                          value:
                            description: 'Variable references $(VAR_NAME) are expanded
                              using the previously defined environment variables in
                              the container and any service environment variables.
                              If a variable cannot be resolved, the reference in the
                              input string will be unchanged. Double $$ are reduced
                              to a single $, which allows for escaping the $(VAR_NAME)
                              syntax: i.e. "$$(VAR_NAME)" will produce the string
                              literal "$(VAR_NAME)". Escaped references will never
                              be expanded, regardless of whether the variable exists
                              or not. Defaults to "".'
paulfantom's avatar
paulfantom committed
                            type: string
                          valueFrom:
                            description: Source for the environment variable's value.
                              Cannot be used if value is not empty.
                            properties:
paulfantom's avatar
paulfantom committed
                              configMapKeyRef:
                                description: Selects a key of a ConfigMap.
                                properties:
paulfantom's avatar
paulfantom committed
                                  key:
                                    description: The key to select.
                                    type: string
                                  name:
                                    description: 'Name of the referent. More info:
                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                                      TODO: Add other useful fields. apiVersion, kind,
                                      uid?'
paulfantom's avatar
paulfantom committed
                                    type: string
                                  optional:
                                    description: Specify whether the ConfigMap or
                                      its key must be defined
paulfantom's avatar
paulfantom committed
                                    type: boolean
                                required:
                                - key
                                type: object
                                x-kubernetes-map-type: atomic
paulfantom's avatar
paulfantom committed
                              fieldRef:
                                description: 'Selects a field of the pod: supports
                                  metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`,
                                  `metadata.annotations[''<KEY>'']`, spec.nodeName,
                                  spec.serviceAccountName, status.hostIP, status.podIP,
                                  status.podIPs.'
paulfantom's avatar
paulfantom committed
                                properties:
                                  apiVersion:
                                    description: Version of the schema the FieldPath
                                      is written in terms of, defaults to "v1".
paulfantom's avatar
paulfantom committed
                                    type: string
                                  fieldPath:
                                    description: Path of the field to select in the
                                      specified API version.
paulfantom's avatar
paulfantom committed
                                    type: string
                                required:
                                - fieldPath
                                type: object
                                x-kubernetes-map-type: atomic
paulfantom's avatar
paulfantom committed
                              resourceFieldRef:
                                description: 'Selects a resource of the container:
                                  only resources limits and requests (limits.cpu,
                                  limits.memory, limits.ephemeral-storage, requests.cpu,
                                  requests.memory and requests.ephemeral-storage)
                                  are currently supported.'
                                properties:
paulfantom's avatar
paulfantom committed
                                  containerName:
                                    description: 'Container name: required for volumes,
                                      optional for env vars'
paulfantom's avatar
paulfantom committed
                                    type: string
                                  divisor:
Lili Cosic's avatar
Lili Cosic committed
                                    anyOf:
                                    - type: integer
                                    - type: string
                                    description: Specifies the output format of the
                                      exposed resources, defaults to "1"
Lili Cosic's avatar
Lili Cosic committed
                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                                    x-kubernetes-int-or-string: true
paulfantom's avatar
paulfantom committed
                                  resource:
                                    description: 'Required: resource to select'
                                    type: string
                                required:
                                - resource
                                type: object
                                x-kubernetes-map-type: atomic
paulfantom's avatar
paulfantom committed
                              secretKeyRef:
                                description: Selects a key of a secret in the pod's
                                  namespace
paulfantom's avatar
paulfantom committed
                                properties:
                                  key:
                                    description: The key of the secret to select from.  Must
                                      be a valid secret key.
paulfantom's avatar
paulfantom committed
                                    type: string
                                  name:
                                    description: 'Name of the referent. More info:
                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                                      TODO: Add other useful fields. apiVersion, kind,
                                      uid?'
paulfantom's avatar
paulfantom committed
                                    type: string
                                  optional:
                                    description: Specify whether the Secret or its
                                      key must be defined
paulfantom's avatar
paulfantom committed
                                    type: boolean
                                required:
                                - key
                                type: object
                                x-kubernetes-map-type: atomic
                            type: object
                        required:
paulfantom's avatar
paulfantom committed
                        - name
                        type: object
                      type: array
paulfantom's avatar
paulfantom committed
                    envFrom:
                      description: List of sources to populate environment variables
                        in the container. The keys defined within a source must be
                        a C_IDENTIFIER. All invalid keys will be reported as an event
                        when the container is starting. When a key exists in multiple
                        sources, the value associated with the last source will take
                        precedence. Values defined by an Env with a duplicate key
                        will take precedence. Cannot be updated.
                        description: EnvFromSource represents the source of a set
                          of ConfigMaps
                        properties:
paulfantom's avatar
paulfantom committed
                          configMapRef:
                            description: The ConfigMap to select from
                            properties:
paulfantom's avatar
paulfantom committed
                              name:
                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                                  TODO: Add other useful fields. apiVersion, kind,
                                  uid?'
paulfantom's avatar
paulfantom committed
                                type: string
                              optional:
                                description: Specify whether the ConfigMap must be
                                  defined
paulfantom's avatar
paulfantom committed
                                type: boolean
                            type: object
                            x-kubernetes-map-type: atomic
paulfantom's avatar
paulfantom committed
                          prefix:
                            description: An optional identifier to prepend to each
                              key in the ConfigMap. Must be a C_IDENTIFIER.
                            type: string
paulfantom's avatar
paulfantom committed
                          secretRef:
                            description: The Secret to select from
                            properties:
                              name:
                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                                  TODO: Add other useful fields. apiVersion, kind,
                                  uid?'
paulfantom's avatar
paulfantom committed
                                type: string
                              optional:
                                description: Specify whether the Secret must be defined
                                type: boolean
                            type: object
                            x-kubernetes-map-type: atomic
                        type: object
                      type: array
paulfantom's avatar
paulfantom committed
                    image:
                      description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
                        This field is optional to allow higher level config management
                        to default or override container images in workload controllers
                        like Deployments and StatefulSets.'
                      type: string
paulfantom's avatar
paulfantom committed
                    imagePullPolicy:
                      description: 'Image pull policy. One of Always, Never, IfNotPresent.
                        Defaults to Always if :latest tag is specified, or IfNotPresent
                        otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
                      type: string
paulfantom's avatar
paulfantom committed
                    lifecycle:
                      description: Actions that the management system should take
                        in response to container lifecycle events. Cannot be updated.
                      properties:
paulfantom's avatar
paulfantom committed
                        postStart:
                          description: 'PostStart is called immediately after a container
                            is created. If the handler fails, the container is terminated
                            and restarted according to its restart policy. Other management
                            of the container blocks until the hook completes. More
                            info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
                          properties:
paulfantom's avatar
paulfantom committed
                            exec:
                              description: Exec specifies the action to take.
paulfantom's avatar
paulfantom committed
                              properties:
                                command:
                                  description: Command is the command line to execute
                                    inside the container, the working directory for
                                    the command  is root ('/') in the container's
                                    filesystem. The command is simply exec'd, it is
                                    not run inside a shell, so traditional shell instructions
                                    ('|', etc) won't work. To use a shell, you need
                                    to explicitly call out to that shell. Exit status
                                    of 0 is treated as live/healthy and non-zero is
                                    unhealthy.
paulfantom's avatar
paulfantom committed
                                  items:
                                    type: string
                                  type: array
                              type: object
                            httpGet:
                              description: HTTPGet specifies the http request to perform.
                              properties:
paulfantom's avatar
paulfantom committed
                                host:
                                  description: Host name to connect to, defaults to
                                    the pod IP. You probably want to set "Host" in
                                    httpHeaders instead.
paulfantom's avatar
paulfantom committed
                                  type: string
                                httpHeaders:
                                  description: Custom headers to set in the request.
                                    HTTP allows repeated headers.
paulfantom's avatar
paulfantom committed
                                  items:
                                    description: HTTPHeader describes a custom header
                                      to be used in HTTP probes
paulfantom's avatar
paulfantom committed
                                    properties:
                                      name:
                                        description: The header field name
                                        type: string
                                      value:
                                        description: The header field value
                                        type: string
                                    required:
                                    - name
                                    - value
                                    type: object
                                  type: array
                                path:
                                  description: Path to access on the HTTP server.
                                  type: string
paulfantom's avatar
paulfantom committed
                                port:
                                  anyOf:
                                  - type: integer
                                  - type: string
                                  description: Name or number of the port to access
                                    on the container. Number must be in the range
                                    1 to 65535. Name must be an IANA_SVC_NAME.
paulfantom's avatar
paulfantom committed
                                  x-kubernetes-int-or-string: true
                                scheme:
                                  description: Scheme to use for connecting to the
                                    host. Defaults to HTTP.
                                  type: string
                              required:
paulfantom's avatar
paulfantom committed
                              - port
                              type: object
paulfantom's avatar
paulfantom committed
                            tcpSocket:
                              description: Deprecated. TCPSocket is NOT supported
                                as a LifecycleHandler and kept for the backward compatibility.
                                There are no validation of this field and lifecycle
                                hooks will fail in runtime when tcp handler is specified.
                              properties:
paulfantom's avatar
paulfantom committed
                                host:
                                  description: 'Optional: Host name to connect to,
                                    defaults to the pod IP.'
                                  type: string
paulfantom's avatar
paulfantom committed
                                port:
                                  anyOf:
                                  - type: integer
                                  - type: string
                                  description: Number or name of the port to access
                                    on the container. Number must be in the range
                                    1 to 65535. Name must be an IANA_SVC_NAME.
paulfantom's avatar
paulfantom committed
                                  x-kubernetes-int-or-string: true
paulfantom's avatar
paulfantom committed
                              - port
                              type: object
                          type: object
                        preStop:
                          description: 'PreStop is called immediately before a container
                            is terminated due to an API request or management event
                            such as liveness/startup probe failure, preemption, resource
                            contention, etc. The handler is not called if the container
                            crashes or exits. The Pod''s termination grace period
                            countdown begins before the PreStop hook is executed.
                            Regardless of the outcome of the handler, the container
                            will eventually terminate within the Pod''s termination
                            grace period (unless delayed by finalizers). Other management
                            of the container blocks until the hook completes or until
                            the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
paulfantom's avatar
paulfantom committed
                          properties:
                            exec:
                              description: Exec specifies the action to take.
paulfantom's avatar
paulfantom committed
                              properties:
                                command:
                                  description: Command is the command line to execute
                                    inside the container, the working directory for
                                    the command  is root ('/') in the container's
                                    filesystem. The command is simply exec'd, it is
                                    not run inside a shell, so traditional shell instructions
                                    ('|', etc) won't work. To use a shell, you need
                                    to explicitly call out to that shell. Exit status
                                    of 0 is treated as live/healthy and non-zero is
                                    unhealthy.
paulfantom's avatar
paulfantom committed
                                  items:
                                    type: string
                                  type: array
                              type: object
paulfantom's avatar
paulfantom committed
                            httpGet:
                              description: HTTPGet specifies the http request to perform.
                              properties:
paulfantom's avatar
paulfantom committed
                                host:
                                  description: Host name to connect to, defaults to
                                    the pod IP. You probably want to set "Host" in
                                    httpHeaders instead.
                                  type: string
paulfantom's avatar
paulfantom committed
                                httpHeaders:
                                  description: Custom headers to set in the request.
                                    HTTP allows repeated headers.
paulfantom's avatar
paulfantom committed
                                  items:
                                    description: HTTPHeader describes a custom header
                                      to be used in HTTP probes
paulfantom's avatar
paulfantom committed
                                    properties:
                                      name:
                                        description: The header field name
                                        type: string
                                      value:
                                        description: The header field value
                                        type: string
                                    required:
                                    - name
                                    - value
                                    type: object
                                  type: array
                                path:
                                  description: Path to access on the HTTP server.
                                  type: string
paulfantom's avatar
paulfantom committed
                                port:
                                  anyOf:
                                  - type: integer
                                  - type: string
                                  description: Name or number of the port to access
                                    on the container. Number must be in the range
                                    1 to 65535. Name must be an IANA_SVC_NAME.
paulfantom's avatar
paulfantom committed
                                  x-kubernetes-int-or-string: true
                                scheme:
                                  description: Scheme to use for connecting to the
                                    host. Defaults to HTTP.
                                  type: string
                              required:
paulfantom's avatar
paulfantom committed
                              - port
                              type: object
paulfantom's avatar
paulfantom committed
                            tcpSocket:
                              description: Deprecated. TCPSocket is NOT supported
                                as a LifecycleHandler and kept for the backward compatibility.
                                There are no validation of this field and lifecycle
                                hooks will fail in runtime when tcp handler is specified.
                              properties:
paulfantom's avatar
paulfantom committed
                                host:
                                  description: 'Optional: Host name to connect to,
                                    defaults to the pod IP.'
                                  type: string
paulfantom's avatar
paulfantom committed
                                port:
                                  anyOf:
                                  - type: integer
                                  - type: string
                                  description: Number or name of the port to access
                                    on the container. Number must be in the range
                                    1 to 65535. Name must be an IANA_SVC_NAME.
paulfantom's avatar
paulfantom committed
                                  x-kubernetes-int-or-string: true
paulfantom's avatar
paulfantom committed
                              - port
                              type: object
                          type: object
                      type: object
paulfantom's avatar
paulfantom committed
                    livenessProbe:
                      description: 'Periodic probe of container liveness. Container
                        will be restarted if the probe fails. Cannot be updated. More
                        info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                      properties:
paulfantom's avatar
paulfantom committed
                        exec:
                          description: Exec specifies the action to take.
                          properties:
paulfantom's avatar
paulfantom committed
                            command:
                              description: Command is the command line to execute
                                inside the container, the working directory for the
                                command  is root ('/') in the container's filesystem.
                                The command is simply exec'd, it is not run inside
                                a shell, so traditional shell instructions ('|', etc)
                                won't work. To use a shell, you need to explicitly
                                call out to that shell. Exit status of 0 is treated
                                as live/healthy and non-zero is unhealthy.
paulfantom's avatar
paulfantom committed
                              items:
                                type: string
                              type: array
                          type: object
                        failureThreshold:
                          description: Minimum consecutive failures for the probe
                            to be considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                        grpc:
                          description: GRPC specifies an action involving a GRPC port.
                            This is a beta field and requires enabling GRPCContainerProbe
                            feature gate.
                          properties:
                            port:
                              description: Port number of the gRPC service. Number
                                must be in the range 1 to 65535.
                              format: int32
                              type: integer
                            service:
                              description: "Service is the name of the service to
                                place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
                                \n If this is not specified, the default behavior
                                is defined by gRPC."
                              type: string
                          required:
                          - port
                          type: object
paulfantom's avatar
paulfantom committed
                        httpGet:
                          description: HTTPGet specifies the http request to perform.
                          properties:
                            host:
                              description: Host name to connect to, defaults to the
                                pod IP. You probably want to set "Host" in httpHeaders
                                instead.
paulfantom's avatar
paulfantom committed
                              type: string
                            httpHeaders:
                              description: Custom headers to set in the request. HTTP
                                allows repeated headers.
paulfantom's avatar
paulfantom committed
                              items:
                                description: HTTPHeader describes a custom header
                                  to be used in HTTP probes
paulfantom's avatar
paulfantom committed
                                properties:
                                  name:
                                    description: The header field name
                                    type: string
                                  value:
                                    description: The header field value
                                    type: string
                                required:
                                - name
                                - value
                                type: object
                              type: array
                            path:
                              description: Path to access on the HTTP server.
                              type: string
paulfantom's avatar
paulfantom committed
                            port:
                              anyOf:
                              - type: integer
                              - type: string
                              description: Name or number of the port to access on
                                the container. Number must be in the range 1 to 65535.
                                Name must be an IANA_SVC_NAME.
paulfantom's avatar
paulfantom committed
                              x-kubernetes-int-or-string: true
                            scheme:
                              description: Scheme to use for connecting to the host.
                                Defaults to HTTP.
paulfantom's avatar
paulfantom committed
                              type: string
                          required:
                          - port
                          type: object
paulfantom's avatar
paulfantom committed
                        initialDelaySeconds:
                          description: 'Number of seconds after the container has
                            started before liveness probes are initiated. More info:
                            https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                        periodSeconds:
                          description: How often (in seconds) to perform the probe.
                            Default to 10 seconds. Minimum value is 1.
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                        successThreshold:
                          description: Minimum consecutive successes for the probe
                            to be considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness and startup. Minimum value
                            is 1.
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                        tcpSocket:
                          description: TCPSocket specifies an action involving a TCP
                            port.
                          properties:
paulfantom's avatar
paulfantom committed
                            host:
                              description: 'Optional: Host name to connect to, defaults
                                to the pod IP.'
                              type: string
paulfantom's avatar
paulfantom committed
                            port:
                              anyOf:
                              - type: integer
                              - type: string
                              description: Number or name of the port to access on
                                the container. Number must be in the range 1 to 65535.
                                Name must be an IANA_SVC_NAME.
paulfantom's avatar
paulfantom committed
                              x-kubernetes-int-or-string: true
                          required:
                          - port
                          type: object
                        terminationGracePeriodSeconds:
                          description: Optional duration in seconds the pod needs
                            to terminate gracefully upon probe failure. The grace
                            period is the duration in seconds after the processes
                            running in the pod are sent a termination signal and the
                            time when the processes are forcibly halted with a kill
                            signal. Set this value longer than the expected cleanup
                            time for your process. If this value is nil, the pod's
                            terminationGracePeriodSeconds will be used. Otherwise,
                            this value overrides the value provided by the pod spec.
                            Value must be non-negative integer. The value zero indicates
                            stop immediately via the kill signal (no opportunity to
                            shut down). This is a beta field and requires enabling
                            ProbeTerminationGracePeriod feature gate. Minimum value
                            is 1. spec.terminationGracePeriodSeconds is used if unset.
                          format: int64
                          type: integer
paulfantom's avatar
paulfantom committed
                        timeoutSeconds:
                          description: 'Number of seconds after which the probe times
                            out. Defaults to 1 second. Minimum value is 1. More info:
                            https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                      type: object
paulfantom's avatar
paulfantom committed
                    name:
                      description: Name of the container specified as a DNS_LABEL.
                        Each container in a pod must have a unique name (DNS_LABEL).
                        Cannot be updated.
paulfantom's avatar
paulfantom committed
                      type: string
                    ports:
                      description: List of ports to expose from the container. Not
                        specifying a port here DOES NOT prevent that port from being
                        exposed. Any port which is listening on the default "0.0.0.0"
                        address inside a container will be accessible from the network.
                        Modifying this array with strategic merge patch may corrupt
                        the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255.
                        Cannot be updated.
paulfantom's avatar
paulfantom committed
                      items:
                        description: ContainerPort represents a network port in a
                          single container.
                        properties:
paulfantom's avatar
paulfantom committed
                          containerPort:
                            description: Number of port to expose on the pod's IP
                              address. This must be a valid port number, 0 < x < 65536.
paulfantom's avatar
paulfantom committed
                            format: int32
                            type: integer
                          hostIP:
                            description: What host IP to bind the external port to.
                            type: string
paulfantom's avatar
paulfantom committed
                          hostPort:
                            description: Number of port to expose on the host. If
                              specified, this must be a valid port number, 0 < x <
                              65536. If HostNetwork is specified, this must match
                              ContainerPort. Most containers do not need this.
paulfantom's avatar
paulfantom committed
                            format: int32
                            type: integer
                          name:
                            description: If specified, this must be an IANA_SVC_NAME
                              and unique within the pod. Each named port in a pod
                              must have a unique name. Name for the port that can
                              be referred to by services.
                            type: string
paulfantom's avatar
paulfantom committed
                          protocol:
Lili Cosic's avatar
Lili Cosic committed
                            default: TCP
                            description: Protocol for port. Must be UDP, TCP, or SCTP.
                              Defaults to "TCP".
                            type: string
                        required:
paulfantom's avatar
paulfantom committed
                        - containerPort
                        type: object
paulfantom's avatar
paulfantom committed
                      type: array
Lili Cosic's avatar
Lili Cosic committed
                      x-kubernetes-list-map-keys:
                      - containerPort
                      - protocol
                      x-kubernetes-list-type: map
paulfantom's avatar
paulfantom committed
                    readinessProbe:
                      description: 'Periodic probe of container service readiness.
                        Container will be removed from service endpoints if the probe
                        fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                      properties:
paulfantom's avatar
paulfantom committed
                        exec:
                          description: Exec specifies the action to take.
paulfantom's avatar
paulfantom committed
                          properties:
                            command:
                              description: Command is the command line to execute
                                inside the container, the working directory for the
                                command  is root ('/') in the container's filesystem.
                                The command is simply exec'd, it is not run inside
                                a shell, so traditional shell instructions ('|', etc)
                                won't work. To use a shell, you need to explicitly
                                call out to that shell. Exit status of 0 is treated
                                as live/healthy and non-zero is unhealthy.
paulfantom's avatar
paulfantom committed
                              items:
                                type: string
                              type: array
                          type: object
                        failureThreshold:
                          description: Minimum consecutive failures for the probe
                            to be considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                          format: int32
                          type: integer
                        grpc:
                          description: GRPC specifies an action involving a GRPC port.
                            This is a beta field and requires enabling GRPCContainerProbe
                            feature gate.
                          properties:
                            port:
                              description: Port number of the gRPC service. Number
                                must be in the range 1 to 65535.
                              format: int32
                              type: integer
                            service:
                              description: "Service is the name of the service to
                                place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
                                \n If this is not specified, the default behavior
                                is defined by gRPC."
                              type: string
                          required:
                          - port
                          type: object
paulfantom's avatar
paulfantom committed
                        httpGet:
                          description: HTTPGet specifies the http request to perform.
                          properties:
                            host:
                              description: Host name to connect to, defaults to the
                                pod IP. You probably want to set "Host" in httpHeaders
                                instead.
paulfantom's avatar
paulfantom committed
                              type: string
                            httpHeaders:
                              description: Custom headers to set in the request. HTTP
                                allows repeated headers.
paulfantom's avatar
paulfantom committed
                              items:
                                description: HTTPHeader describes a custom header
                                  to be used in HTTP probes
paulfantom's avatar
paulfantom committed
                                properties:
                                  name:
                                    description: The header field name
                                    type: string
                                  value:
                                    description: The header field value
                                    type: string
                                required:
                                - name
                                - value
                                type: object
                              type: array
                            path:
                              description: Path to access on the HTTP server.
                              type: string
                            port:
                              anyOf:
                              - type: integer
                              - type: string
                              description: Name or number of the port to access on
                                the container. Number must be in the range 1 to 65535.
                                Name must be an IANA_SVC_NAME.
paulfantom's avatar
paulfantom committed
                              x-kubernetes-int-or-string: true
                            scheme:
                              description: Scheme to use for connecting to the host.
                                Defaults to HTTP.
paulfantom's avatar
paulfantom committed
                              type: string
                          required:
                          - port
                          type: object
                        initialDelaySeconds:
                          description: 'Number of seconds after the container has
                            started before liveness probes are initiated. More info:
                            https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
                          format: int32
                          type: integer
paulfantom's avatar
paulfantom committed
                        periodSeconds:
                          description: How often (in seconds) to perform the probe.
                            Default to 10 seconds. Minimum value is 1.
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                        successThreshold:
                          description: Minimum consecutive successes for the probe
                            to be considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness and startup. Minimum value
                            is 1.
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                        tcpSocket:
                          description: TCPSocket specifies an action involving a TCP
                            port.
paulfantom's avatar
paulfantom committed
                          properties:
                            host:
                              description: 'Optional: Host name to connect to, defaults
                                to the pod IP.'
paulfantom's avatar
paulfantom committed
                              type: string
                            port:
                              anyOf:
                              - type: integer
                              - type: string
                              description: Number or name of the port to access on
                                the container. Number must be in the range 1 to 65535.
                                Name must be an IANA_SVC_NAME.
paulfantom's avatar
paulfantom committed
                              x-kubernetes-int-or-string: true
                          required:
                          - port
                          type: object
                        terminationGracePeriodSeconds:
                          description: Optional duration in seconds the pod needs
                            to terminate gracefully upon probe failure. The grace
                            period is the duration in seconds after the processes
                            running in the pod are sent a termination signal and the
                            time when the processes are forcibly halted with a kill
                            signal. Set this value longer than the expected cleanup
                            time for your process. If this value is nil, the pod's
                            terminationGracePeriodSeconds will be used. Otherwise,
                            this value overrides the value provided by the pod spec.
                            Value must be non-negative integer. The value zero indicates
                            stop immediately via the kill signal (no opportunity to
                            shut down). This is a beta field and requires enabling
                            ProbeTerminationGracePeriod feature gate. Minimum value
                            is 1. spec.terminationGracePeriodSeconds is used if unset.
                          format: int64
                          type: integer
paulfantom's avatar
paulfantom committed
                        timeoutSeconds:
                          description: 'Number of seconds after which the probe times
                            out. Defaults to 1 second. Minimum value is 1. More info:
                            https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                      type: object
                    resources:
                      description: 'Compute Resources required by this container.
                        Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
paulfantom's avatar
paulfantom committed
                      properties:
                        limits:
                          additionalProperties:
Lili Cosic's avatar
Lili Cosic committed
                            anyOf:
                            - type: integer
                            - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          description: 'Limits describes the maximum amount of compute
                            resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
paulfantom's avatar
paulfantom committed
                          type: object
                        requests:
                          additionalProperties:
Lili Cosic's avatar
Lili Cosic committed
                            anyOf:
                            - type: integer
                            - type: string
                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                            x-kubernetes-int-or-string: true
                          description: 'Requests describes the minimum amount of compute
                            resources required. If Requests is omitted for a container,
                            it defaults to Limits if that is explicitly specified,
                            otherwise to an implementation-defined value. More info:
                            https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
paulfantom's avatar
paulfantom committed
                          type: object
                      type: object
                    securityContext:
                      description: 'SecurityContext defines the security options the
                        container should be run with. If set, the fields of SecurityContext
                        override the equivalent fields of PodSecurityContext. More
                        info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
paulfantom's avatar
paulfantom committed
                      properties:
                        allowPrivilegeEscalation:
                          description: 'AllowPrivilegeEscalation controls whether
                            a process can gain more privileges than its parent process.
                            This bool directly controls if the no_new_privs flag will
                            be set on the container process. AllowPrivilegeEscalation
                            is true always when the container is: 1) run as Privileged
                            2) has CAP_SYS_ADMIN Note that this field cannot be set
                            when spec.os.name is windows.'
paulfantom's avatar
paulfantom committed
                          type: boolean
                        capabilities:
                          description: The capabilities to add/drop when running containers.
                            Defaults to the default set of capabilities granted by
                            the container runtime. Note that this field cannot be
                            set when spec.os.name is windows.
paulfantom's avatar
paulfantom committed
                          properties:
                            add:
                              description: Added capabilities
                              items:
                                description: Capability represent POSIX capabilities
                                  type
paulfantom's avatar
paulfantom committed
                                type: string
                              type: array
                            drop:
                              description: Removed capabilities
                              items:
                                description: Capability represent POSIX capabilities
                                  type
paulfantom's avatar
paulfantom committed
                                type: string
                              type: array
                          type: object
                        privileged:
                          description: Run container in privileged mode. Processes
                            in privileged containers are essentially equivalent to
                            root on the host. Defaults to false. Note that this field
                            cannot be set when spec.os.name is windows.
paulfantom's avatar
paulfantom committed
                          type: boolean
                        procMount:
                          description: procMount denotes the type of proc mount to
                            use for the containers. The default is DefaultProcMount
                            which uses the container runtime defaults for readonly
                            paths and masked paths. This requires the ProcMountType
                            feature flag to be enabled. Note that this field cannot
                            be set when spec.os.name is windows.
                          type: string
paulfantom's avatar
paulfantom committed
                        readOnlyRootFilesystem:
                          description: Whether this container has a read-only root
                            filesystem. Default is false. Note that this field cannot
                            be set when spec.os.name is windows.
paulfantom's avatar
paulfantom committed
                          type: boolean
                        runAsGroup:
                          description: The GID to run the entrypoint of the container
                            process. Uses runtime default if unset. May also be set
                            in PodSecurityContext.  If set in both SecurityContext
                            and PodSecurityContext, the value specified in SecurityContext
                            takes precedence. Note that this field cannot be set when
                            spec.os.name is windows.
paulfantom's avatar
paulfantom committed
                          format: int64
                          type: integer
                        runAsNonRoot:
                          description: Indicates that the container must run as a
                            non-root user. If true, the Kubelet will validate the
                            image at runtime to ensure that it does not run as UID
                            0 (root) and fail to start the container if it does. If
                            unset or false, no such validation will be performed.
                            May also be set in PodSecurityContext.  If set in both
                            SecurityContext and PodSecurityContext, the value specified
                            in SecurityContext takes precedence.
paulfantom's avatar
paulfantom committed
                          type: boolean
                        runAsUser:
                          description: The UID to run the entrypoint of the container
                            process. Defaults to user specified in image metadata
                            if unspecified. May also be set in PodSecurityContext.  If
                            set in both SecurityContext and PodSecurityContext, the
                            value specified in SecurityContext takes precedence. Note
                            that this field cannot be set when spec.os.name is windows.
paulfantom's avatar
paulfantom committed
                          format: int64
                          type: integer
                        seLinuxOptions:
                          description: The SELinux context to be applied to the container.
                            If unspecified, the container runtime will allocate a
                            random SELinux context for each container.  May also be
                            set in PodSecurityContext.  If set in both SecurityContext
                            and PodSecurityContext, the value specified in SecurityContext
                            takes precedence. Note that this field cannot be set when
                            spec.os.name is windows.
paulfantom's avatar
paulfantom committed
                          properties:
                            level:
                              description: Level is SELinux level label that applies
                                to the container.
paulfantom's avatar
paulfantom committed
                              type: string
                            role:
                              description: Role is a SELinux role label that applies
                                to the container.
paulfantom's avatar
paulfantom committed
                              type: string
                            type:
                              description: Type is a SELinux type label that applies
                                to the container.
paulfantom's avatar
paulfantom committed
                              type: string
                            user:
                              description: User is a SELinux user label that applies
                                to the container.
paulfantom's avatar
paulfantom committed
                              type: string
                          type: object
                        seccompProfile:
                          description: The seccomp options to use by this container.
                            If seccomp options are provided at both the pod & container
                            level, the container options override the pod options.
                            Note that this field cannot be set when spec.os.name is
                            windows.
                          properties:
                            localhostProfile:
                              description: localhostProfile indicates a profile defined
                                in a file on the node should be used. The profile
                                must be preconfigured on the node to work. Must be
                                a descending path, relative to the kubelet's configured
                                seccomp profile location. Must only be set if type
                                is "Localhost".
                              type: string
                            type:
                              description: "type indicates which kind of seccomp profile
                                will be applied. Valid options are: \n Localhost -
                                a profile defined in a file on the node should be
                                used. RuntimeDefault - the container runtime default
                                profile should be used. Unconfined - no profile should
                                be applied."
                              type: string
                          required:
                          - type
                          type: object
paulfantom's avatar
paulfantom committed
                        windowsOptions:
                          description: The Windows specific settings applied to all
                            containers. If unspecified, the options from the PodSecurityContext
                            will be used. If set in both SecurityContext and PodSecurityContext,
                            the value specified in SecurityContext takes precedence.
                            Note that this field cannot be set when spec.os.name is
                            linux.
paulfantom's avatar
paulfantom committed
                          properties:
                            gmsaCredentialSpec:
                              description: GMSACredentialSpec is where the GMSA admission
                                webhook (https://github.com/kubernetes-sigs/windows-gmsa)
                                inlines the contents of the GMSA credential spec named
                                by the GMSACredentialSpecName field.
paulfantom's avatar
paulfantom committed
                              type: string
                            gmsaCredentialSpecName:
                              description: GMSACredentialSpecName is the name of the
                                GMSA credential spec to use.
paulfantom's avatar
paulfantom committed
                              type: string
                            hostProcess:
                              description: HostProcess determines if a container should
                                be run as a 'Host Process' container. This field is
                                alpha-level and will only be honored by components
                                that enable the WindowsHostProcessContainers feature
                                flag. Setting this field without the feature flag
                                will result in errors when validating the Pod. All
                                of a Pod's containers must have the same effective
                                HostProcess value (it is not allowed to have a mix
                                of HostProcess containers and non-HostProcess containers).  In
                                addition, if HostProcess is true then HostNetwork
                                must also be set to true.
                              type: boolean
paulfantom's avatar
paulfantom committed
                            runAsUserName:
                              description: The UserName in Windows to run the entrypoint
                                of the container process. Defaults to the user specified
                                in image metadata if unspecified. May also be set
                                in PodSecurityContext. If set in both SecurityContext
                                and PodSecurityContext, the value specified in SecurityContext
                                takes precedence.
paulfantom's avatar
paulfantom committed
                              type: string
                          type: object
                      type: object
paulfantom's avatar
paulfantom committed
                    startupProbe:
                      description: 'StartupProbe indicates that the Pod has successfully
                        initialized. If specified, no other probes are executed until
                        this completes successfully. If this probe fails, the Pod
                        will be restarted, just as if the livenessProbe failed. This
                        can be used to provide different probe parameters at the beginning
                        of a Pod''s lifecycle, when it might take a long time to load
                        data or warm a cache, than during steady-state operation.
                        This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
paulfantom's avatar
paulfantom committed
                      properties:
                        exec:
                          description: Exec specifies the action to take.
paulfantom's avatar
paulfantom committed
                          properties:
                            command:
                              description: Command is the command line to execute
                                inside the container, the working directory for the
                                command  is root ('/') in the container's filesystem.
                                The command is simply exec'd, it is not run inside
                                a shell, so traditional shell instructions ('|', etc)
                                won't work. To use a shell, you need to explicitly
                                call out to that shell. Exit status of 0 is treated
                                as live/healthy and non-zero is unhealthy.
paulfantom's avatar
paulfantom committed
                              items:
                                type: string
                              type: array
                          type: object
                        failureThreshold:
                          description: Minimum consecutive failures for the probe
                            to be considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
paulfantom's avatar
paulfantom committed
                          format: int32
                          type: integer
                        grpc:
                          description: GRPC specifies an action involving a GRPC port.
                            This is a beta field and requires enabling GRPCContainerProbe
                            feature gate.
                          properties:
                            port:
                              description: Port number of the gRPC service. Number
                                must be in the range 1 to 65535.
                              format: int32
                              type: integer
                            service:
                              description: "Service is the name of the service to
                                place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
                                \n If this is not specified, the default behavior
                                is defined by gRPC."
                              type: string
                          required:
                          - port
                          type: object
paulfantom's avatar
paulfantom committed
                        httpGet:
                          description: HTTPGet specifies the http request to perform.
                          properties:
                            host:
                              description: Host name to connect to, defaults to the
                                pod IP. You probably want to set "Host" in httpHeaders
                                instead.
                              type: string
paulfantom's avatar
paulfantom committed
                            httpHeaders:
                              description: Custom headers to set in the request. HTTP
                                allows repeated headers.
paulfantom's avatar
paulfantom committed
                              items:
                                description: HTTPHeader describes a custom header
                                  to be used in HTTP probes
paulfantom's avatar
paulfantom committed
                                properties:
                                  name:
                                    description: The header field name
                                    type: string
                                  value:
                                    description: The header field value
                                    type: string
                                required:
                                - name
                                - value
                                type: object
                              type: array
                            path:
                              description: Path to access on the HTTP server.
                              type: string
                            port:
                              anyOf:
                              - type: integer
                              - type: string
                              description: Name or number of the port to access on
                                the container. Number must be in the range 1 to 65535.
                                Name must be an IANA_SVC_NAME.