Newer
Older
inlines the contents of the GMSA credential spec named
by the GMSACredentialSpecName field.
description: GMSACredentialSpecName is the name of the
GMSA credential spec to use.
description: The UserName in Windows to run the entrypoint
of the container process. Defaults to the user specified
in image metadata if unspecified. May also be set
in PodSecurityContext. If set in both SecurityContext
and PodSecurityContext, the value specified in SecurityContext
takes precedence.
type: string
type: object
type: object
startupProbe:
description: 'StartupProbe indicates that the Pod has successfully
initialized. If specified, no other probes are executed until
this completes successfully. If this probe fails, the Pod
will be restarted, just as if the livenessProbe failed. This
can be used to provide different probe parameters at the beginning
of a Pod''s lifecycle, when it might take a long time to load
data or warm a cache, than during steady-state operation.
This cannot be updated. This is a beta feature enabled by
the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
description: One and only one of the following should be
specified. Exec specifies the action to take.
description: Command is the command line to execute
inside the container, the working directory for the
command is root ('/') in the container's filesystem.
The command is simply exec'd, it is not run inside
a shell, so traditional shell instructions ('|', etc)
won't work. To use a shell, you need to explicitly
call out to that shell. Exit status of 0 is treated
as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
type: object
failureThreshold:
description: Minimum consecutive failures for the probe
to be considered failed after having succeeded. Defaults
to 3. Minimum value is 1.
format: int32
type: integer
httpGet:
description: HTTPGet specifies the http request to perform.
properties:
host:
description: Host name to connect to, defaults to the
pod IP. You probably want to set "Host" in httpHeaders
instead.
description: Custom headers to set in the request. HTTP
allows repeated headers.
description: HTTPHeader describes a custom header
to be used in HTTP probes
properties:
name:
description: The header field name
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to access on
the container. Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
description: Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: 'Number of seconds after the container has
started before liveness probes are initiated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
description: How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
description: Minimum consecutive successes for the probe
to be considered successful after having failed. Defaults
to 1. Must be 1 for liveness and startup. Minimum value
is 1.
description: 'TCPSocket specifies an action involving a
TCP port. TCP hooks not yet supported TODO: implement
a realistic TCP lifecycle hook'
description: 'Optional: Host name to connect to, defaults
to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: Number or name of the port to access on
the container. Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
timeoutSeconds:
description: 'Number of seconds after which the probe times
out. Defaults to 1 second. Minimum value is 1. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
format: int32
type: integer
type: object
stdin:
description: Whether this container should allocate a buffer
for stdin in the container runtime. If this is not set, reads
from stdin in the container will always result in EOF. Default
is false.
description: Whether the container runtime should close the
stdin channel after it has been opened by a single attach.
When stdin is true the stdin stream will remain open across
multiple attach sessions. If stdinOnce is set to true, stdin
is opened on container start, is empty until the first client
attaches to stdin, and then remains open and accepts data
until the client disconnects, at which time stdin is closed
and remains closed until the container is restarted. If this
flag is false, a container processes that reads from stdin
will never receive an EOF. Default is false
description: 'Optional: Path at which the file to which the
container''s termination message will be written is mounted
into the container''s filesystem. Message written is intended
to be brief final status, such as an assertion failure message.
Will be truncated by the node if greater than 4096 bytes.
The total message length across all containers will be limited
to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
description: Indicate how the termination message should be
populated. File will use the contents of terminationMessagePath
to populate the container status message on both success and
failure. FallbackToLogsOnError will use the last chunk of
container log output if the termination message file is empty
and the container exited with an error. The log output is
limited to 2048 bytes or 80 lines, whichever is smaller. Defaults
to File. Cannot be updated.
description: Whether this container should allocate a TTY for
itself, also requires 'stdin' to be true. Default is false.
description: volumeDevices is the list of block devices to be
used by the container.
description: volumeDevice describes a mapping of a raw block
device within a container.
description: devicePath is the path inside of the container
that the device will be mapped to.
description: name must match the name of a persistentVolumeClaim
in the pod
description: Pod volumes to mount into the container's filesystem.
Cannot be updated.
description: VolumeMount describes a mounting of a Volume
within a container.
description: Path within the container at which the volume
should be mounted. Must not contain ':'.
description: mountPropagation determines how mounts are
propagated from the host to container and the other
way around. When not set, MountPropagationNone is used.
This field is beta in 1.10.
name:
description: This must match the Name of a Volume.
description: Mounted read-only if true, read-write otherwise
(false or unspecified). Defaults to false.
description: Path within the volume from which the container's
volume should be mounted. Defaults to "" (volume's root).
description: Expanded path within the volume from which
the container's volume should be mounted. Behaves similarly
to SubPath but environment variable references $(VAR_NAME)
are expanded using the container's environment. Defaults
to "" (volume's root). SubPathExpr and SubPath are mutually
exclusive.
description: Container's working directory. If not specified,
the container runtime's default will be used, which might
be configured in the container image. Cannot be updated.
type: string
required:
- name
type: object
type: array
disableCompaction:
description: Disable prometheus compaction.
type: boolean
enableAdminAPI:
description: 'Enable access to prometheus web admin API. Defaults
to the value of `false`. WARNING: Enabling the admin APIs enables
mutating endpoints, to delete data, shutdown Prometheus, and more.
Enabling this should be done with care and the user is advised to
add additional authentication authorization via a proxy to ensure
only clients authorized to perform these actions can do so. For
more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis'
description: Enable access to Prometheus disabled features. By default,
no features are enabled. Enabling disabled features is entirely
outside the scope of what the maintainers will support and by doing
so, you accept that this behaviour may break at any time without
notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed
response body that will be accepted by Prometheus. Targets responding
with a body larger than this many bytes will cause the scrape to
fail. Example: 100MB. If defined, the limit will apply to all service/pod
monitors and probes. This is an experimental feature, this behaviour
could change or be removed in the future. Only valid in Prometheus
versions 2.28.0 and newer.'
description: Per-scrape limit on number of labels that will be accepted
for a sample. If more than this number of labels are present post
metric-relabeling, the entire scrape will be treated as failed.
0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
format: int64
type: integer
enforcedLabelNameLengthLimit:
description: Per-scrape limit on length of labels name that will be
accepted for a sample. If a label name is longer than this number
post metric-relabeling, the entire scrape will be treated as failed.
0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
format: int64
type: integer
enforcedLabelValueLengthLimit:
description: Per-scrape limit on length of labels value that will
be accepted for a sample. If a label value is longer than this number
post metric-relabeling, the entire scrape will be treated as failed.
0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
description: "EnforcedNamespaceLabel If set, a label will be added
to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor`
and `ProbeConfig` object) and 2. in all `PrometheusRule` objects
(except the ones excluded in `prometheusRulesExcludedFromEnforce`)
to * alerting & recording rules and * the metrics used in
their expressions (`expr`). \n Label name is this field's value.
Label value is the namespace of the created object (mentioned above)."
description: EnforcedSampleLimit defines global limit on number of
scraped samples that will be accepted. This overrides any SampleLimit
set per ServiceMonitor or/and PodMonitor. It is meant to be used
by admins to enforce the SampleLimit to keep overall number of samples/series
under the desired limit. Note that if SampleLimit is lower that
value will be taken instead.
description: EnforcedTargetLimit defines a global limit on the number
of scraped targets. This overrides any TargetLimit set per ServiceMonitor
or/and PodMonitor. It is meant to be used by admins to enforce
the TargetLimit to keep the overall number of targets under the
desired limit. Note that if TargetLimit is lower, that value will
be taken instead, except if either value is zero, in which case
the non-zero value will be used. If both values are zero, no limit
is enforced.
format: int64
type: integer
description: 'Interval between consecutive evaluations. Default: `1m`'
type: string
externalLabels:
additionalProperties:
type: string
description: The labels to add to any time series or alerts when communicating
with external systems (federation, remote storage, Alertmanager).
description: The external URL the Prometheus instances will be available
under. This is necessary to generate correct URLs. This is necessary
if Prometheus is not served from root of a DNS name.
description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector
settings from the podmonitor and servicemonitor configs, and they
will only discover endpoints within their current namespace. Defaults
to false.
description: Image if specified has precedence over baseImage, tag
and sha combinations. Specifying the version is still necessary
to ensure the Prometheus Operator knows what version of Prometheus
is being configured.
description: An optional list of references to secrets in the same
namespace to use for pulling prometheus and alertmanager images
from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
description: LocalObjectReference contains enough information to
let you locate the referenced object inside the same namespace.
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
description: 'InitContainers allows adding initContainers to the pod
definition. Those can be used to e.g. fetch secrets for injection
into the Prometheus configuration from external sources. Any errors
during the execution of an initContainer will lead to a restart
of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
InitContainers described here modify an operator generated init
containers if they share the same name and modifications are done
via a strategic merge patch. The current init container name is:
`init-config-reloader`. Overriding init containers is entirely outside
the scope of what the maintainers will support and by doing so,
you accept that this behaviour may break at any time without notice.'
description: A single application container that you want to run
within a pod.
description: 'Arguments to the entrypoint. The docker image''s
CMD is used if this is not provided. Variable references $(VAR_NAME)
are expanded using the container''s environment. If a variable
cannot be resolved, the reference in the input string will
be unchanged. The $(VAR_NAME) syntax can be escaped with a
double $$, ie: $$(VAR_NAME). Escaped references will never
be expanded, regardless of whether the variable exists or
not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
description: 'Entrypoint array. Not executed within a shell.
The docker image''s ENTRYPOINT is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container''s
environment. If a variable cannot be resolved, the reference
in the input string will be unchanged. The $(VAR_NAME) syntax
can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
references will never be expanded, regardless of whether the
variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
description: List of environment variables to set in the container.
Cannot be updated.
description: EnvVar represents an environment variable present
in a Container.
description: Name of the environment variable. Must be
a C_IDENTIFIER.
description: 'Variable references $(VAR_NAME) are expanded
using the previous defined environment variables in
the container and any service environment variables.
If a variable cannot be resolved, the reference in the
input string will be unchanged. The $(VAR_NAME) syntax
can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
references will never be expanded, regardless of whether
the variable exists or not. Defaults to "".'
description: Source for the environment variable's value.
Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports
metadata.name, metadata.namespace, metadata.labels,
metadata.annotations, spec.nodeName, spec.serviceAccountName,
status.hostIP, status.podIP, status.podIPs.'
description: Version of the schema the FieldPath
is written in terms of, defaults to "v1".
description: Path of the field to select in the
specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container:
only resources limits and requests (limits.cpu,
limits.memory, limits.ephemeral-storage, requests.cpu,
requests.memory and requests.ephemeral-storage)
are currently supported.'
description: 'Container name: required for volumes,
optional for env vars'
description: Specifies the output format of the
exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's
namespace
description: The key of the secret to select from. Must
be a valid secret key.
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
envFrom:
description: List of sources to populate environment variables
in the container. The keys defined within a source must be
a C_IDENTIFIER. All invalid keys will be reported as an event
when the container is starting. When a key exists in multiple
sources, the value associated with the last source will take
precedence. Values defined by an Env with a duplicate key
will take precedence. Cannot be updated.
description: EnvFromSource represents the source of a set
of ConfigMaps
properties:
configMapRef:
description: The ConfigMap to select from
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
description: Specify whether the ConfigMap must be
defined
description: An optional identifier to prepend to each
key in the ConfigMap. Must be a C_IDENTIFIER.
type: string
secretRef:
description: The Secret to select from
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret must be defined
type: boolean
type: object
type: object
type: array
image:
description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images
This field is optional to allow higher level config management
to default or override container images in workload controllers
like Deployments and StatefulSets.'
description: 'Image pull policy. One of Always, Never, IfNotPresent.
Defaults to Always if :latest tag is specified, or IfNotPresent
otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
description: Actions that the management system should take
in response to container lifecycle events. Cannot be updated.
description: 'PostStart is called immediately after a container
is created. If the handler fails, the container is terminated
and restarted according to its restart policy. Other management
of the container blocks until the hook completes. More
info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
description: One and only one of the following should
be specified. Exec specifies the action to take.
description: Command is the command line to execute
inside the container, the working directory for
the command is root ('/') in the container's
filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions
('|', etc) won't work. To use a shell, you need
to explicitly call out to that shell. Exit status
of 0 is treated as live/healthy and non-zero is
unhealthy.
items:
type: string
type: array
type: object
httpGet:
description: HTTPGet specifies the http request to perform.
properties:
host:
description: Host name to connect to, defaults to
the pod IP. You probably want to set "Host" in
httpHeaders instead.
description: Custom headers to set in the request.
HTTP allows repeated headers.
description: HTTPHeader describes a custom header
to be used in HTTP probes
properties:
name:
description: The header field name
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to access
on the container. Number must be in the range
1 to 65535. Name must be an IANA_SVC_NAME.
description: Scheme to use for connecting to the
host. Defaults to HTTP.
description: 'TCPSocket specifies an action involving
a TCP port. TCP hooks not yet supported TODO: implement
a realistic TCP lifecycle hook'
description: 'Optional: Host name to connect to,
defaults to the pod IP.'
description: Number or name of the port to access
on the container. Number must be in the range
1 to 65535. Name must be an IANA_SVC_NAME.
description: 'PreStop is called immediately before a container
is terminated due to an API request or management event
such as liveness/startup probe failure, preemption, resource
contention, etc. The handler is not called if the container
crashes or exits. The reason for termination is passed
to the handler. The Pod''s termination grace period countdown
begins before the PreStop hooked is executed. Regardless
of the outcome of the handler, the container will eventually
terminate within the Pod''s termination grace period.
Other management of the container blocks until the hook
completes or until the termination grace period is reached.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
description: One and only one of the following should
be specified. Exec specifies the action to take.
description: Command is the command line to execute
inside the container, the working directory for
the command is root ('/') in the container's
filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions
('|', etc) won't work. To use a shell, you need
to explicitly call out to that shell. Exit status
of 0 is treated as live/healthy and non-zero is
unhealthy.
httpGet:
description: HTTPGet specifies the http request to perform.
description: Host name to connect to, defaults to
the pod IP. You probably want to set "Host" in
httpHeaders instead.
description: Custom headers to set in the request.
HTTP allows repeated headers.
description: HTTPHeader describes a custom header
to be used in HTTP probes
properties:
name:
description: The header field name
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
description: Name or number of the port to access
on the container. Number must be in the range
1 to 65535. Name must be an IANA_SVC_NAME.
description: Scheme to use for connecting to the
host. Defaults to HTTP.
description: 'TCPSocket specifies an action involving
a TCP port. TCP hooks not yet supported TODO: implement
a realistic TCP lifecycle hook'
description: 'Optional: Host name to connect to,
defaults to the pod IP.'
description: Number or name of the port to access
on the container. Number must be in the range
1 to 65535. Name must be an IANA_SVC_NAME.
type: object
type: object
type: object
description: 'Periodic probe of container liveness. Container
will be restarted if the probe fails. Cannot be updated. More
info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
description: One and only one of the following should be
specified. Exec specifies the action to take.
description: Command is the command line to execute
inside the container, the working directory for the
command is root ('/') in the container's filesystem.
The command is simply exec'd, it is not run inside
a shell, so traditional shell instructions ('|', etc)
won't work. To use a shell, you need to explicitly
call out to that shell. Exit status of 0 is treated
as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
type: object
failureThreshold:
description: Minimum consecutive failures for the probe
to be considered failed after having succeeded. Defaults
to 3. Minimum value is 1.
format: int32
type: integer
httpGet:
description: HTTPGet specifies the http request to perform.
properties:
host:
description: Host name to connect to, defaults to the
pod IP. You probably want to set "Host" in httpHeaders
instead.
description: Custom headers to set in the request. HTTP
allows repeated headers.
description: HTTPHeader describes a custom header
to be used in HTTP probes
properties:
name:
description: The header field name
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to access on
the container. Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
description: Scheme to use for connecting to the host.
Defaults to HTTP.
description: 'Number of seconds after the container has
started before liveness probes are initiated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
description: How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
description: Minimum consecutive successes for the probe
to be considered successful after having failed. Defaults
to 1. Must be 1 for liveness and startup. Minimum value
is 1.
description: 'TCPSocket specifies an action involving a
TCP port. TCP hooks not yet supported TODO: implement
a realistic TCP lifecycle hook'
description: 'Optional: Host name to connect to, defaults
to the pod IP.'
description: Number or name of the port to access on
the container. Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
description: 'Number of seconds after which the probe times
out. Defaults to 1 second. Minimum value is 1. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
description: Name of the container specified as a DNS_LABEL.
Each container in a pod must have a unique name (DNS_LABEL).
Cannot be updated.
description: List of ports to expose from the container. Exposing
a port here gives the system additional information about
the network connections a container uses, but is primarily
informational. Not specifying a port here DOES NOT prevent
that port from being exposed. Any port which is listening
on the default "0.0.0.0" address inside a container will be
accessible from the network. Cannot be updated.
description: ContainerPort represents a network port in a
single container.
description: Number of port to expose on the pod's IP
address. This must be a valid port number, 0 < x < 65536.
format: int32
type: integer
hostIP:
description: What host IP to bind the external port to.
type: string
hostPort:
description: Number of port to expose on the host. If
specified, this must be a valid port number, 0 < x <
65536. If HostNetwork is specified, this must match
ContainerPort. Most containers do not need this.
description: If specified, this must be an IANA_SVC_NAME
and unique within the pod. Each named port in a pod
must have a unique name. Name for the port that can
be referred to by services.
description: Protocol for port. Must be UDP, TCP, or SCTP.
Defaults to "TCP".
x-kubernetes-list-map-keys:
- containerPort
- protocol
x-kubernetes-list-type: map
description: 'Periodic probe of container service readiness.
Container will be removed from service endpoints if the probe
fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
description: One and only one of the following should be
specified. Exec specifies the action to take.
description: Command is the command line to execute
inside the container, the working directory for the
command is root ('/') in the container's filesystem.
The command is simply exec'd, it is not run inside
a shell, so traditional shell instructions ('|', etc)
won't work. To use a shell, you need to explicitly
call out to that shell. Exit status of 0 is treated
as live/healthy and non-zero is unhealthy.
description: Minimum consecutive failures for the probe
to be considered failed after having succeeded. Defaults
to 3. Minimum value is 1.
format: int32
type: integer
httpGet:
description: HTTPGet specifies the http request to perform.
properties:
host:
description: Host name to connect to, defaults to the
pod IP. You probably want to set "Host" in httpHeaders
instead.
description: Custom headers to set in the request. HTTP
allows repeated headers.
description: HTTPHeader describes a custom header
to be used in HTTP probes
properties:
name:
description: The header field name
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to access on
the container. Number must be in the range 1 to 65535.