diff --git a/e2e/install/helm/setup_test.go b/e2e/install/helm/setup_test.go
index e6f6327545..a3e9a2efd6 100644
--- a/e2e/install/helm/setup_test.go
+++ b/e2e/install/helm/setup_test.go
@@ -38,13 +38,12 @@ import (
)
func TestHelmInstallation(t *testing.T) {
- containerRegistry, ok := os.LookupEnv("KAMEL_INSTALL_REGISTRY")
- g.Expect(ok).To(BeTrue())
-
WithNewTestNamespace(t, func(ctx context.Context, g *WithT, ns string) {
+ containerRegistry, ok := os.LookupEnv("KAMEL_INSTALL_REGISTRY")
+ g.Expect(ok).To(BeTrue())
// Let's make sure no CRD is yet available in the cluster
- // as we must make the Helm procedure to install them accordingly
- g.Eventually(CRDs(t)).Should(BeNil())
+ // as we must make the procedure to install them accordingly
+ g.Eventually(CRDs(t)).Should(BeNil(), "No Camel K CRDs should be previously installed for this test")
operatorID := "helm-ck"
os.Setenv("CAMEL_K_TEST_MAKE_DIR", "../../../")
ExpectExecSucceed(t, g,
@@ -66,14 +65,14 @@ func TestHelmInstallation(t *testing.T) {
)
g.Eventually(OperatorPod(t, ctx, ns)).ShouldNot(BeNil())
- // Check if restricted security context has been applyed
+ // Check if restricted security context has been applied
operatorPod := OperatorPod(t, ctx, ns)()
g.Expect(operatorPod.Spec.Containers[0].SecurityContext.RunAsNonRoot).To(Equal(kubernetes.DefaultOperatorSecurityContext().RunAsNonRoot))
g.Expect(operatorPod.Spec.Containers[0].SecurityContext.Capabilities).To(Equal(kubernetes.DefaultOperatorSecurityContext().Capabilities))
g.Expect(operatorPod.Spec.Containers[0].SecurityContext.SeccompProfile).To(Equal(kubernetes.DefaultOperatorSecurityContext().SeccompProfile))
g.Expect(operatorPod.Spec.Containers[0].SecurityContext.AllowPrivilegeEscalation).To(Equal(kubernetes.DefaultOperatorSecurityContext().AllowPrivilegeEscalation))
- //Test a simple route
+ // Test a simple route
t.Run("simple route", func(t *testing.T) {
name := RandomizedSuffixName("yaml")
g.Expect(KamelRunWithID(t, ctx, operatorID, ns, "files/yaml.yaml", "--name", name).Execute()).To(Succeed())
diff --git a/helm/camel-k/crds/camel-k-crds.yaml b/helm/camel-k/crds/camel-k-crds.yaml
new file mode 100644
index 0000000000..20b007e4ce
--- /dev/null
+++ b/helm/camel-k/crds/camel-k-crds.yaml
@@ -0,0 +1,38387 @@
+# ---------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ---------------------------------------------------------------------------
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: builds.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: Build
+ listKind: BuildList
+ plural: builds
+ shortNames:
+ - ikb
+ singular: build
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The build phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The time at which the build was created
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - description: The time at which the build was last (re-)started
+ jsonPath: .status.startedAt
+ name: Started
+ type: date
+ - description: The build last execution duration
+ jsonPath: .status.duration
+ name: Duration
+ type: string
+ - description: The number of execution attempts
+ jsonPath: .status.failure.recovery.attempt
+ name: Attempts
+ type: integer
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Build is the Schema for the builds API.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: |-
+ BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate
+ to think it as pipeline.
+ properties:
+ configuration:
+ description: |-
+ The configuration that should be used to perform the Build.
+ Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod. Only used
+ for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only used for
+ `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required. Only used
+ for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod. Only used
+ for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder Pod (must
+ be the same of the operator in charge of this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to build a container
+ image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only used for
+ `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required. Only used
+ for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the build.
+ type: string
+ type: object
+ maxRunningBuilds:
+ description: |-
+ the maximum amount of parallel running builds started by this operator instance
+ Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
+ format: int32
+ type: integer
+ operatorNamespace:
+ description: |-
+ The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation).
+ Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
+ type: string
+ tasks:
+ description: The sequence of tasks (pipeline) to be performed.
+ items:
+ description: Task represents the abstract task. Only one of the
+ task should be configured to represent the specific task chosen.
+ properties:
+ buildah:
+ description: |-
+ a BuildahTask, for Buildah strategy
+ Deprecated: use jib, s2i or a custom publishing strategy instead
+ properties:
+ baseImage:
+ description: base image layer
+ type: string
+ configuration:
+ description: The configuration that should be used to perform
+ the Build.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder
+ Pod (must be the same of the operator in charge of
+ this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to
+ build a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the
+ build.
+ type: string
+ type: object
+ contextDir:
+ description: can be useful to share info with other tasks
+ type: string
+ executorImage:
+ description: docker image to use
+ type: string
+ image:
+ description: final image name
+ type: string
+ name:
+ description: name of the task
+ type: string
+ platform:
+ description: The platform of build image
+ type: string
+ registry:
+ description: where to publish the final image
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate
+ Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie,
+ http only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ verbose:
+ description: log more information
+ type: boolean
+ type: object
+ builder:
+ description: a BuilderTask, used to generate and build the project
+ properties:
+ baseImage:
+ description: the base image layer
+ type: string
+ buildDir:
+ description: workspace directory to use
+ type: string
+ configuration:
+ description: The configuration that should be used to perform
+ the Build.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder
+ Pod (must be the same of the operator in charge of
+ this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to
+ build a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the
+ build.
+ type: string
+ type: object
+ dependencies:
+ description: the list of dependencies to use for this build
+ items:
+ type: string
+ type: array
+ maven:
+ description: the configuration required by Maven for the
+ application build phase
+ properties:
+ caSecrets:
+ description: |-
+ The Secrets name and key, containing the CA certificate(s) used to connect
+ to remote Maven repositories.
+ It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store the CA certificate(s),
+ and configured to be used as a trusted certificate(s) by the Maven commands.
+ Note that the root CA certificates are also imported into the created keystore.
+ items:
+ description: SecretKeySelector selects a key of a
+ Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ cliOptions:
+ description: |-
+ The CLI options that are appended to the list of arguments for Maven commands,
+ e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: |-
+ The Maven build extensions.
+ See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ profiles:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven profile.
+ items:
+ description: ValueSource --.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ repositories:
+ description: additional repositories
+ items:
+ description: Repository defines a Maven repository.
+ properties:
+ id:
+ description: identifies the repository
+ type: string
+ name:
+ description: name of the repository
+ type: string
+ releases:
+ description: can use stable releases
+ properties:
+ checksumPolicy:
+ description: |-
+ When Maven deploys files to the repository, it also deploys corresponding checksum files.
+ Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
+ type: string
+ enabled:
+ description: is the policy activated or not
+ type: boolean
+ updatePolicy:
+ description: |-
+ This element specifies how often updates should attempt to occur.
+ Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
+ The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
+ type: string
+ required:
+ - enabled
+ type: object
+ snapshots:
+ description: can use snapshot
+ properties:
+ checksumPolicy:
+ description: |-
+ When Maven deploys files to the repository, it also deploys corresponding checksum files.
+ Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
+ type: string
+ enabled:
+ description: is the policy activated or not
+ type: boolean
+ updatePolicy:
+ description: |-
+ This element specifies how often updates should attempt to occur.
+ Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
+ The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
+ type: string
+ required:
+ - enabled
+ type: object
+ url:
+ description: location of the repository
+ type: string
+ required:
+ - id
+ - url
+ type: object
+ type: array
+ servers:
+ description: Servers (auth)
+ items:
+ description: Server see link:https://maven.apache.org/settings.html[Maven
+ settings].
+ properties:
+ configuration:
+ additionalProperties:
+ type: string
+ description: Properties -- .
+ type: object
+ id:
+ type: string
+ password:
+ type: string
+ username:
+ type: string
+ type: object
+ type: array
+ settings:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ settingsSecurity:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the security of the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: object
+ name:
+ description: name of the task
+ type: string
+ runtime:
+ description: the configuration required for the runtime
+ application
+ properties:
+ applicationClass:
+ description: application entry point (main) to be executed
+ type: string
+ capabilities:
+ additionalProperties:
+ description: |-
+ Capability is a particular feature which requires a well known set of dependencies and other properties
+ which are specified in the runtime catalog.
+ properties:
+ buildTimeProperties:
+ description: Set of required Camel build time
+ properties
+ items:
+ description: CamelProperty represents a Camel
+ property that may end up in an application.properties
+ file.
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ type: object
+ type: array
+ dependencies:
+ description: List of required Maven dependencies
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ description: Set of generic metadata
+ type: object
+ runtimeProperties:
+ description: Set of required Camel runtime properties
+ items:
+ description: CamelProperty represents a Camel
+ property that may end up in an application.properties
+ file.
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ type: object
+ type: array
+ type: object
+ description: features offered by this runtime
+ type: object
+ dependencies:
+ description: list of dependencies needed to run the
+ application
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ description: set of metadata
+ type: object
+ provider:
+ description: Camel main application provider, ie, Camel
+ Quarkus
+ type: string
+ version:
+ description: Camel K Runtime version
+ type: string
+ required:
+ - applicationClass
+ - dependencies
+ - provider
+ - version
+ type: object
+ sources:
+ description: the sources to add at build time
+ items:
+ description: SourceSpec defines the configuration for
+ one or more routes to be executed in a certain Camel
+ DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64
+ encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source
+ content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a
+ Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel
+ DSL) used to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the
+ source (e.g. if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described
+ by this object
+ type: string
+ type: object
+ type: array
+ steps:
+ description: the list of steps to execute (see pkg/builder/)
+ items:
+ type: string
+ type: array
+ type: object
+ custom:
+ description: User customizable task execution. These are executed
+ after the build and before the package task.
+ properties:
+ command:
+ description: |-
+ the command to execute
+ Deprecated: use ContainerCommands
+ type: string
+ commands:
+ description: the command to execute
+ items:
+ type: string
+ type: array
+ configuration:
+ description: The configuration that should be used to perform
+ the Build.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder
+ Pod (must be the same of the operator in charge of
+ this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to
+ build a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the
+ build.
+ type: string
+ type: object
+ image:
+ description: the container image to use
+ type: string
+ name:
+ description: name of the task
+ type: string
+ publishingImage:
+ description: the desired image build name
+ type: string
+ userId:
+ description: the user id used to run the container
+ format: int64
+ type: integer
+ type: object
+ jib:
+ description: a JibTask, for Jib strategy
+ properties:
+ baseImage:
+ description: base image layer
+ type: string
+ configuration:
+ description: The configuration that should be used to perform
+ the Build.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder
+ Pod (must be the same of the operator in charge of
+ this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to
+ build a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the
+ build.
+ type: string
+ type: object
+ contextDir:
+ description: can be useful to share info with other tasks
+ type: string
+ image:
+ description: final image name
+ type: string
+ name:
+ description: name of the task
+ type: string
+ registry:
+ description: where to publish the final image
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate
+ Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie,
+ http only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ type: object
+ kaniko:
+ description: |-
+ a KanikoTask, for Kaniko strategy
+ Deprecated: use jib, s2i or a custom publishing strategy instead
+ properties:
+ baseImage:
+ description: base image layer
+ type: string
+ cache:
+ description: use a cache
+ properties:
+ enabled:
+ description: true if a cache is enabled
+ type: boolean
+ persistentVolumeClaim:
+ description: the PVC used to store the cache
+ type: string
+ type: object
+ configuration:
+ description: The configuration that should be used to perform
+ the Build.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder
+ Pod (must be the same of the operator in charge of
+ this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to
+ build a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the
+ build.
+ type: string
+ type: object
+ contextDir:
+ description: can be useful to share info with other tasks
+ type: string
+ executorImage:
+ description: docker image to use
+ type: string
+ image:
+ description: final image name
+ type: string
+ name:
+ description: name of the task
+ type: string
+ registry:
+ description: where to publish the final image
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate
+ Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie,
+ http only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ verbose:
+ description: log more information
+ type: boolean
+ type: object
+ package:
+ description: |-
+ Application pre publishing
+ a PackageTask, used to package the project
+ properties:
+ baseImage:
+ description: the base image layer
+ type: string
+ buildDir:
+ description: workspace directory to use
+ type: string
+ configuration:
+ description: The configuration that should be used to perform
+ the Build.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder
+ Pod (must be the same of the operator in charge of
+ this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to
+ build a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the
+ build.
+ type: string
+ type: object
+ dependencies:
+ description: the list of dependencies to use for this build
+ items:
+ type: string
+ type: array
+ maven:
+ description: the configuration required by Maven for the
+ application build phase
+ properties:
+ caSecrets:
+ description: |-
+ The Secrets name and key, containing the CA certificate(s) used to connect
+ to remote Maven repositories.
+ It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store the CA certificate(s),
+ and configured to be used as a trusted certificate(s) by the Maven commands.
+ Note that the root CA certificates are also imported into the created keystore.
+ items:
+ description: SecretKeySelector selects a key of a
+ Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ cliOptions:
+ description: |-
+ The CLI options that are appended to the list of arguments for Maven commands,
+ e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: |-
+ The Maven build extensions.
+ See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ profiles:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven profile.
+ items:
+ description: ValueSource --.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ repositories:
+ description: additional repositories
+ items:
+ description: Repository defines a Maven repository.
+ properties:
+ id:
+ description: identifies the repository
+ type: string
+ name:
+ description: name of the repository
+ type: string
+ releases:
+ description: can use stable releases
+ properties:
+ checksumPolicy:
+ description: |-
+ When Maven deploys files to the repository, it also deploys corresponding checksum files.
+ Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
+ type: string
+ enabled:
+ description: is the policy activated or not
+ type: boolean
+ updatePolicy:
+ description: |-
+ This element specifies how often updates should attempt to occur.
+ Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
+ The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
+ type: string
+ required:
+ - enabled
+ type: object
+ snapshots:
+ description: can use snapshot
+ properties:
+ checksumPolicy:
+ description: |-
+ When Maven deploys files to the repository, it also deploys corresponding checksum files.
+ Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
+ type: string
+ enabled:
+ description: is the policy activated or not
+ type: boolean
+ updatePolicy:
+ description: |-
+ This element specifies how often updates should attempt to occur.
+ Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
+ The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
+ type: string
+ required:
+ - enabled
+ type: object
+ url:
+ description: location of the repository
+ type: string
+ required:
+ - id
+ - url
+ type: object
+ type: array
+ servers:
+ description: Servers (auth)
+ items:
+ description: Server see link:https://maven.apache.org/settings.html[Maven
+ settings].
+ properties:
+ configuration:
+ additionalProperties:
+ type: string
+ description: Properties -- .
+ type: object
+ id:
+ type: string
+ password:
+ type: string
+ username:
+ type: string
+ type: object
+ type: array
+ settings:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ settingsSecurity:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the security of the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or
+ its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select
+ from. Must be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: object
+ name:
+ description: name of the task
+ type: string
+ runtime:
+ description: the configuration required for the runtime
+ application
+ properties:
+ applicationClass:
+ description: application entry point (main) to be executed
+ type: string
+ capabilities:
+ additionalProperties:
+ description: |-
+ Capability is a particular feature which requires a well known set of dependencies and other properties
+ which are specified in the runtime catalog.
+ properties:
+ buildTimeProperties:
+ description: Set of required Camel build time
+ properties
+ items:
+ description: CamelProperty represents a Camel
+ property that may end up in an application.properties
+ file.
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ type: object
+ type: array
+ dependencies:
+ description: List of required Maven dependencies
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ description: Set of generic metadata
+ type: object
+ runtimeProperties:
+ description: Set of required Camel runtime properties
+ items:
+ description: CamelProperty represents a Camel
+ property that may end up in an application.properties
+ file.
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ type: object
+ type: array
+ type: object
+ description: features offered by this runtime
+ type: object
+ dependencies:
+ description: list of dependencies needed to run the
+ application
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ description: set of metadata
+ type: object
+ provider:
+ description: Camel main application provider, ie, Camel
+ Quarkus
+ type: string
+ version:
+ description: Camel K Runtime version
+ type: string
+ required:
+ - applicationClass
+ - dependencies
+ - provider
+ - version
+ type: object
+ sources:
+ description: the sources to add at build time
+ items:
+ description: SourceSpec defines the configuration for
+ one or more routes to be executed in a certain Camel
+ DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64
+ encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source
+ content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a
+ Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel
+ DSL) used to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the
+ source (e.g. if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described
+ by this object
+ type: string
+ type: object
+ type: array
+ steps:
+ description: the list of steps to execute (see pkg/builder/)
+ items:
+ type: string
+ type: array
+ type: object
+ s2i:
+ description: a S2iTask, for S2I strategy
+ properties:
+ baseImage:
+ description: base image layer
+ type: string
+ configuration:
+ description: The configuration that should be used to perform
+ the Build.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder
+ Pod (must be the same of the operator in charge of
+ this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to
+ build a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the
+ build.
+ type: string
+ type: object
+ contextDir:
+ description: can be useful to share info with other tasks
+ type: string
+ image:
+ description: final image name
+ type: string
+ name:
+ description: name of the task
+ type: string
+ registry:
+ description: where to publish the final image
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate
+ Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie,
+ http only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ tag:
+ description: used by the ImageStream
+ type: string
+ type: object
+ spectrum:
+ description: |-
+ a SpectrumTask, for Spectrum strategy
+ Deprecated: use jib, s2i or a custom publishing strategy instead
+ properties:
+ baseImage:
+ description: base image layer
+ type: string
+ configuration:
+ description: The configuration that should be used to perform
+ the Build.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod.
+ Only used for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder
+ Pod (must be the same of the operator in charge of
+ this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to
+ build a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only
+ used for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required.
+ Only used for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the
+ build.
+ type: string
+ type: object
+ contextDir:
+ description: can be useful to share info with other tasks
+ type: string
+ image:
+ description: final image name
+ type: string
+ name:
+ description: name of the task
+ type: string
+ registry:
+ description: where to publish the final image
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate
+ Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie,
+ http only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ type: object
+ type: object
+ type: array
+ timeout:
+ description: |-
+ Timeout defines the Build maximum execution duration.
+ The Build deadline is set to the Build start time plus the Timeout duration.
+ If the Build deadline is exceeded, the Build context is canceled,
+ and its phase set to BuildPhaseFailed.
+ format: duration
+ type: string
+ toolImage:
+ description: |-
+ The container image to be used to run the build.
+ Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
+ type: string
+ type: object
+ status:
+ description: BuildStatus defines the observed state of Build.
+ properties:
+ artifacts:
+ description: a list of artifacts contained in the build
+ items:
+ description: Artifact represents a materialized artifact (a jar
+ dependency or in general a file used by the build).
+ properties:
+ checksum:
+ description: a checksum (SHA1) of the content
+ type: string
+ id:
+ description: the identification (GAV for maven dependencies
+ or file name for other file types)
+ type: string
+ location:
+ description: where it is located in the builder `Pod`
+ type: string
+ target:
+ description: the expected location in the runtime
+ type: string
+ required:
+ - id
+ type: object
+ type: array
+ baseImage:
+ description: the base image used for this build
+ type: string
+ conditions:
+ description: a list of conditions occurred during the build
+ items:
+ description: BuildCondition describes the state of a resource at
+ a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ digest:
+ description: the digest from image
+ type: string
+ duration:
+ description: |-
+ how long it took for the build
+ Change to Duration / ISO 8601 when CRD uses OpenAPI spec v3
+ https://github.com/OAI/OpenAPI-Specification/issues/845
+ type: string
+ error:
+ description: the error description (if any)
+ type: string
+ failure:
+ description: the reason of the failure (if any)
+ properties:
+ reason:
+ description: a short text specifying the reason
+ type: string
+ recovery:
+ description: the recovery attempted for this failure
+ properties:
+ attempt:
+ description: attempt number
+ type: integer
+ attemptMax:
+ description: maximum number of attempts
+ type: integer
+ attemptTime:
+ description: time of the attempt execution
+ format: date-time
+ type: string
+ required:
+ - attempt
+ - attemptMax
+ type: object
+ time:
+ description: the time when the failure has happened
+ format: date-time
+ type: string
+ required:
+ - reason
+ - recovery
+ - time
+ type: object
+ image:
+ description: the image name built
+ type: string
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this Build.
+ format: int64
+ type: integer
+ phase:
+ description: describes the phase
+ type: string
+ rootImage:
+ description: root image (the first image from which the incremental
+ image has started)
+ type: string
+ startedAt:
+ description: the time when it started
+ format: date-time
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: camelcatalogs.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: CamelCatalog
+ listKind: CamelCatalogList
+ plural: camelcatalogs
+ shortNames:
+ - cc
+ singular: camelcatalog
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The Runtime provider
+ jsonPath: .spec.runtime.provider
+ name: Runtime Provider
+ type: string
+ - description: The Runtime version
+ jsonPath: .spec.runtime.version
+ name: Runtime Version
+ type: string
+ - description: The Camel version
+ jsonPath: .spec.runtime.metadata.camel\.version
+ name: Runtime Camel Version
+ type: string
+ - description: The catalog phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: CamelCatalog represents the languages, components, data formats
+ and capabilities enabled on a given runtime provider. The catalog may be
+ statically generated.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: the desired state of the catalog
+ properties:
+ artifacts:
+ additionalProperties:
+ description: CamelArtifact represent the configuration for a feature
+ offered by Camel.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ dataformats:
+ description: accepted data formats
+ items:
+ type: string
+ type: array
+ dependencies:
+ description: required dependencies
+ items:
+ description: CamelArtifactDependency represent a maven's dependency.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ exclusions:
+ description: provide a list of artifacts to exclude for
+ this dependency
+ items:
+ description: CamelArtifactExclusion represents an exclusion
+ clause.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ exclusions:
+ description: provide a list of artifacts to exclude for this
+ dependency
+ items:
+ description: CamelArtifactExclusion represents an exclusion
+ clause.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ description: Maven Group
+ type: string
+ javaTypes:
+ description: the Java types used by the artifact feature (ie,
+ component, data format, ...)
+ items:
+ type: string
+ type: array
+ languages:
+ description: accepted languages
+ items:
+ type: string
+ type: array
+ schemes:
+ description: accepted URI schemes
+ items:
+ description: CamelScheme represents the scheme used to identify
+ a component in a URI (ie, timer in a timer:xyz endpoint
+ URI).
+ properties:
+ consumer:
+ description: required scope for consumer
+ properties:
+ dependencies:
+ description: list of dependencies needed for this
+ scope
+ items:
+ description: CamelArtifactDependency represent a
+ maven's dependency.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ exclusions:
+ description: provide a list of artifacts to
+ exclude for this dependency
+ items:
+ description: CamelArtifactExclusion represents
+ an exclusion clause.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ type: object
+ http:
+ description: is a HTTP based scheme
+ type: boolean
+ id:
+ description: the ID (ie, timer in a timer:xyz URI)
+ type: string
+ passive:
+ description: is a passive scheme
+ type: boolean
+ producer:
+ description: required scope for producers
+ properties:
+ dependencies:
+ description: list of dependencies needed for this
+ scope
+ items:
+ description: CamelArtifactDependency represent a
+ maven's dependency.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ exclusions:
+ description: provide a list of artifacts to
+ exclude for this dependency
+ items:
+ description: CamelArtifactExclusion represents
+ an exclusion clause.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ type: object
+ required:
+ - http
+ - id
+ - passive
+ type: object
+ type: array
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ description: artifacts required by this catalog
+ type: object
+ loaders:
+ additionalProperties:
+ description: CamelLoader represents the configuration required to
+ load a DSL.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ dependencies:
+ description: a list of additional dependencies required beside
+ the base one
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ groupId:
+ description: Maven Group
+ type: string
+ languages:
+ description: a list of DSLs supported
+ items:
+ type: string
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ description: the metadata of the loader
+ type: object
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ description: loaders required by this catalog
+ type: object
+ runtime:
+ description: the runtime targeted for the catalog
+ properties:
+ applicationClass:
+ description: application entry point (main) to be executed
+ type: string
+ capabilities:
+ additionalProperties:
+ description: |-
+ Capability is a particular feature which requires a well known set of dependencies and other properties
+ which are specified in the runtime catalog.
+ properties:
+ buildTimeProperties:
+ description: Set of required Camel build time properties
+ items:
+ description: CamelProperty represents a Camel property
+ that may end up in an application.properties file.
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ type: object
+ type: array
+ dependencies:
+ description: List of required Maven dependencies
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ description: Set of generic metadata
+ type: object
+ runtimeProperties:
+ description: Set of required Camel runtime properties
+ items:
+ description: CamelProperty represents a Camel property
+ that may end up in an application.properties file.
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ type: object
+ type: array
+ type: object
+ description: features offered by this runtime
+ type: object
+ dependencies:
+ description: list of dependencies needed to run the application
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ metadata:
+ additionalProperties:
+ type: string
+ description: set of metadata
+ type: object
+ provider:
+ description: Camel main application provider, ie, Camel Quarkus
+ type: string
+ version:
+ description: Camel K Runtime version
+ type: string
+ required:
+ - applicationClass
+ - dependencies
+ - provider
+ - version
+ type: object
+ required:
+ - artifacts
+ - loaders
+ - runtime
+ type: object
+ status:
+ description: the actual state of the catalog
+ properties:
+ conditions:
+ description: a list of events happened for the CamelCatalog
+ items:
+ description: CamelCatalogCondition describes the state of a resource
+ at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of CamelCatalog condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ image:
+ description: the container image available for building an application
+ with this catalog
+ type: string
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this Catalog.
+ format: int64
+ type: integer
+ phase:
+ description: the actual phase
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: integrationkits.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: IntegrationKit
+ listKind: IntegrationKitList
+ plural: integrationkits
+ shortNames:
+ - ik
+ singular: integrationkit
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The integration kit alias
+ jsonPath: .metadata.labels.camel\.apache\.org\/kit\.alias
+ name: Alias
+ type: string
+ - description: The integration kit phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The integration kit type
+ jsonPath: .metadata.labels.camel\.apache\.org\/kit\.type
+ name: Type
+ type: string
+ - description: The integration kit layout
+ jsonPath: .metadata.labels.camel\.apache\.org\/kit\.layout
+ name: Layout
+ type: string
+ - description: The integration kit image
+ jsonPath: .status.image
+ name: Image
+ type: string
+ - description: The integration kit root image
+ jsonPath: .status.rootImage
+ name: Root
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ IntegrationKit defines a container image and additional configuration needed to run an `Integration`.
+ An `IntegrationKit` is a generic image generally built from the requirements of an `Integration`, but agnostic to it,
+ in order to be reused by any other `Integration` which has the same required set of capabilities. An `IntegrationKit`
+ may be used for other kits as a base container layer, when the `incremental` build option is enabled.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: the desired configuration
+ properties:
+ capabilities:
+ description: features offered by the IntegrationKit
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Deprecated:
+ Use camel trait (camel.properties) to manage properties
+ Use mount trait (mount.configs) to manage configs
+ Use mount trait (mount.resources) to manage resources
+ Use mount trait (mount.volumes) to manage volumes
+ configuration used by the kit
+ items:
+ description: ConfigurationSpec represents a generic configuration
+ specification.
+ properties:
+ type:
+ description: 'represents the type of configuration, ie: property,
+ configmap, secret, ...'
+ type: string
+ value:
+ description: the value to assign to the configuration (syntax
+ may vary depending on the `Type`)
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ description: a list of Camel dependecies used by this kit
+ items:
+ type: string
+ type: array
+ image:
+ description: the container image as identified in the container registry
+ type: string
+ profile:
+ description: the profile which is expected by this kit
+ type: string
+ repositories:
+ description: Maven repositories that can be used by the kit
+ items:
+ type: string
+ type: array
+ sources:
+ description: the sources to add at build time
+ items:
+ description: SourceSpec defines the configuration for one or more
+ routes to be executed in a certain Camel DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64 encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel DSL) used
+ to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the source (e.g.
+ if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by this
+ object
+ type: string
+ type: object
+ type: array
+ traits:
+ description: traits that the kit will execute
+ properties:
+ addons:
+ additionalProperties:
+ description: AddonTrait represents the configuration of an addon
+ trait.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ description: The collection of addon trait configurations
+ type: object
+ builder:
+ description: The builder trait is internally used to determine
+ the best strategy to build and configure IntegrationKits.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: When using `pod` strategy, annotation to use
+ for the builder pod.
+ type: object
+ baseImage:
+ description: |-
+ Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
+ installed and ready to use on path (ie `/usr/bin/java`).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ incrementalImageBuild:
+ description: Use the incremental image build option, to reuse
+ existing containers (default `true`)
+ type: boolean
+ limitCPU:
+ description: |-
+ When using `pod` strategy, the maximum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ limitMemory:
+ description: |-
+ When using `pod` strategy, the maximum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ mavenProfiles:
+ description: |-
+ A list of references pointing to configmaps/secrets that contains a maven profile.
+ This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
+ The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
+ items:
+ type: string
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: Defines a set of nodes the builder pod is eligible
+ to be scheduled on, based on labels on the node.
+ type: object
+ orderStrategy:
+ description: The build order strategy to use, either `dependencies`,
+ `fifo` or `sequential` (default is the platform default)
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of manifest platforms to use to build
+ a container image (default `linux/amd64`).
+ items:
+ type: string
+ type: array
+ properties:
+ description: A list of properties to be provided to the build
+ task
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: |-
+ When using `pod` strategy, the minimum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ requestMemory:
+ description: |-
+ When using `pod` strategy, the minimum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ strategy:
+ description: The strategy to use, either `pod` or `routine`
+ (default `routine`)
+ enum:
+ - pod
+ - routine
+ type: string
+ tasks:
+ description: A list of tasks to be executed (available only
+ when using `pod` strategy) with format `;;`.
+ items:
+ type: string
+ type: array
+ tasksFilter:
+ description: |-
+ A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
+ Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
+ if you need to execute them. Useful only with `pod` strategy.
+ type: string
+ tasksLimitCPU:
+ description: A list of limit cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksLimitMemory:
+ description: A list of limit memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestCPU:
+ description: A list of request cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestMemory:
+ description: A list of request memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ verbose:
+ description: |-
+ Enable verbose logging on build components that support it (e.g. Kaniko build pod).
+ Deprecated no longer in use
+ type: boolean
+ type: object
+ camel:
+ description: The Camel trait sets up Camel configuration.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ properties:
+ description: A list of properties to be provided to the Integration
+ runtime
+ items:
+ type: string
+ type: array
+ runtimeVersion:
+ description: |-
+ The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
+ You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
+ to the best matching Catalog existing on the cluster.
+ type: string
+ type: object
+ quarkus:
+ description: |-
+ The Quarkus trait configures the Quarkus runtime.
+ It's enabled by default.
+ NOTE: Compiling to a native executable, requires at least 4GiB of memory, so the Pod running the native build must have enough memory available.
+ properties:
+ buildMode:
+ description: |-
+ The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
+ In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
+ with the `native` kit having precedence over the `jvm` one once ready.
+ items:
+ description: QuarkusMode is the type of Quarkus build packaging.
+ enum:
+ - jvm
+ - native
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ nativeBaseImage:
+ description: The base image to use when running a native build
+ (default `quay.io/quarkus/quarkus-micro-image:2.0`)
+ type: string
+ nativeBuilderImage:
+ description: The image containing the tooling required for
+ a native build (by default it will use the one provided
+ in the runtime catalog)
+ type: string
+ packageTypes:
+ description: |-
+ The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
+ In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
+ with the native kit having precedence over the `fast-jar` one once ready.
+ The order influences the resolution of the current kit for the integration.
+ The kit corresponding to the first package type will be assigned to the
+ integration in case no existing kit that matches the integration exists.
+ Deprecated: use `build-mode` instead.
+ items:
+ description: |-
+ QuarkusPackageType is the type of Quarkus build packaging.
+ Deprecated: use `QuarkusMode` instead.
+ enum:
+ - fast-jar
+ - native
+ type: string
+ type: array
+ type: object
+ registry:
+ description: |-
+ The Registry trait sets up Maven to use the Image registry as a Maven repository (support removed since version 2.5.0).
+ Deprecated: use jvm trait or read documentation.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ type: object
+ type: object
+ status:
+ description: the actual status
+ properties:
+ artifacts:
+ description: list of artifacts used by the kit
+ items:
+ description: Artifact represents a materialized artifact (a jar
+ dependency or in general a file used by the build).
+ properties:
+ checksum:
+ description: a checksum (SHA1) of the content
+ type: string
+ id:
+ description: the identification (GAV for maven dependencies
+ or file name for other file types)
+ type: string
+ location:
+ description: where it is located in the builder `Pod`
+ type: string
+ target:
+ description: the expected location in the runtime
+ type: string
+ required:
+ - id
+ type: object
+ type: array
+ baseImage:
+ description: base image used by the kit (could be another IntegrationKit)
+ type: string
+ conditions:
+ description: a list of conditions which happened for the events related
+ the kit
+ items:
+ description: IntegrationKitCondition describes the state of a resource
+ at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ digest:
+ description: actual image digest of the kit
+ type: string
+ failure:
+ description: failure reason (if any)
+ properties:
+ reason:
+ description: a short text specifying the reason
+ type: string
+ recovery:
+ description: the recovery attempted for this failure
+ properties:
+ attempt:
+ description: attempt number
+ type: integer
+ attemptMax:
+ description: maximum number of attempts
+ type: integer
+ attemptTime:
+ description: time of the attempt execution
+ format: date-time
+ type: string
+ required:
+ - attempt
+ - attemptMax
+ type: object
+ time:
+ description: the time when the failure has happened
+ format: date-time
+ type: string
+ required:
+ - reason
+ - recovery
+ - time
+ type: object
+ image:
+ description: actual image name of the kit
+ type: string
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this IntegrationKit.
+ format: int64
+ type: integer
+ phase:
+ description: phase of the kit
+ type: string
+ platform:
+ description: the platform for which this kit was configured
+ type: string
+ rootImage:
+ description: root image used by the kit (the first image from which
+ the incremental image has started, typically a JDK/JRE base image)
+ type: string
+ runtimeProvider:
+ description: the runtime provider for which this kit was configured
+ type: string
+ runtimeVersion:
+ description: the runtime version for which this kit was configured
+ type: string
+ version:
+ description: the Camel K operator version for which this kit was configured
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: integrationplatforms.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: IntegrationPlatform
+ listKind: IntegrationPlatformList
+ plural: integrationplatforms
+ shortNames:
+ - itp
+ singular: integrationplatform
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The integration platform phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The default build strategy
+ jsonPath: .status.build.buildConfiguration.strategy
+ name: Build strategy
+ type: string
+ - description: The default publish strategy
+ jsonPath: .status.build.publishStrategy
+ name: Publish strategy
+ type: string
+ - description: The container registry address
+ jsonPath: .status.build.registry.address
+ name: Registry address
+ type: string
+ - description: The default runtime version
+ jsonPath: .status.build.runtimeVersion
+ name: Default runtime
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ IntegrationPlatform is the resource used to drive the Camel K operator behavior.
+ It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace.
+ When the Camel K operator is installed in `global` mode,
+ you will need to specify an `IntegrationPlatform` in each namespace where you want the Camel K operator to be executed.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IntegrationPlatformSpec defines the desired state of IntegrationPlatform.
+ properties:
+ build:
+ description: specify how to build the Integration/IntegrationKits
+ properties:
+ PublishStrategyOptions:
+ additionalProperties:
+ type: string
+ description: Generic options that can used by any publish strategy
+ type: object
+ baseImage:
+ description: |-
+ a base image that can be used as base layer for all images.
+ It can be useful if you want to provide some custom base image with further utility software
+ type: string
+ buildCatalogToolTimeout:
+ description: |-
+ the timeout (in seconds) to use when creating the build tools container image
+ Deprecated: no longer in use
+ type: string
+ buildConfiguration:
+ description: the configuration required to build an Integration
+ container image
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod. Only used
+ for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only used
+ for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required. Only used
+ for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod. Only used
+ for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder Pod (must
+ be the same of the operator in charge of this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to build
+ a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only used
+ for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required. Only used
+ for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the build.
+ type: string
+ type: object
+ maven:
+ description: Maven configuration used to build the Camel/Camel-Quarkus
+ applications
+ properties:
+ caSecrets:
+ description: |-
+ The Secrets name and key, containing the CA certificate(s) used to connect
+ to remote Maven repositories.
+ It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store the CA certificate(s),
+ and configured to be used as a trusted certificate(s) by the Maven commands.
+ Note that the root CA certificates are also imported into the created keystore.
+ items:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ cliOptions:
+ description: |-
+ The CLI options that are appended to the list of arguments for Maven commands,
+ e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: |-
+ The Maven build extensions.
+ See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ profiles:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven profile.
+ items:
+ description: ValueSource --.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ settings:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ settingsSecurity:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the security of the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: object
+ maxRunningBuilds:
+ description: the maximum amount of parallel running pipelines
+ started by this operator instance
+ format: int32
+ type: integer
+ publishStrategy:
+ description: the strategy to adopt for publishing an Integration
+ container image
+ type: string
+ registry:
+ description: the image registry used to push/pull Integration
+ images
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie, http
+ only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ runtimeProvider:
+ description: the runtime used. Likely Camel Quarkus (we used to
+ have main runtime which has been discontinued since version
+ 1.5)
+ type: string
+ runtimeVersion:
+ description: the Camel K Runtime dependency version
+ type: string
+ timeout:
+ description: how much time to wait before time out the pipeline
+ process
+ type: string
+ type: object
+ cluster:
+ description: what kind of cluster you're running (ie, plain Kubernetes
+ or OpenShift)
+ type: string
+ configuration:
+ description: |-
+ Deprecated:
+ Use camel trait (camel.properties) to manage properties
+ Use mount trait (mount.configs) to manage configs
+ Use mount trait (mount.resources) to manage resources
+ Use mount trait (mount.volumes) to manage volumes
+ list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform
+ items:
+ description: ConfigurationSpec represents a generic configuration
+ specification.
+ properties:
+ type:
+ description: 'represents the type of configuration, ie: property,
+ configmap, secret, ...'
+ type: string
+ value:
+ description: the value to assign to the configuration (syntax
+ may vary depending on the `Type`)
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ kamelet:
+ description: configuration to be executed to all Kamelets controlled
+ by this IntegrationPlatform
+ properties:
+ repositories:
+ description: remote repository used to retrieve Kamelet catalog
+ items:
+ description: KameletRepositorySpec defines the location of the
+ Kamelet catalog to use.
+ properties:
+ uri:
+ description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
+ type: string
+ type: object
+ type: array
+ type: object
+ profile:
+ description: |-
+ the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.
+ It usually relates the Cluster with the optional definition of special profiles (ie, Knative)
+ type: string
+ traits:
+ description: list of traits to be executed for all the Integration/IntegrationKits
+ built from this IntegrationPlatform
+ properties:
+ 3scale:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ addons:
+ additionalProperties:
+ description: AddonTrait represents the configuration of an addon
+ trait.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ description: The extension point with addon traits
+ type: object
+ affinity:
+ description: The configuration of Affinity trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodeAffinityLabels:
+ description: Defines a set of nodes the integration pod(s)
+ are eligible to be scheduled on, based on labels on the
+ node.
+ items:
+ type: string
+ type: array
+ podAffinity:
+ description: Always co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should be co-located with.
+ items:
+ type: string
+ type: array
+ podAntiAffinity:
+ description: Never co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAntiAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should not be co-located with.
+ items:
+ type: string
+ type: array
+ type: object
+ builder:
+ description: The configuration of Builder trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: When using `pod` strategy, annotation to use
+ for the builder pod.
+ type: object
+ baseImage:
+ description: |-
+ Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
+ installed and ready to use on path (ie `/usr/bin/java`).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ incrementalImageBuild:
+ description: Use the incremental image build option, to reuse
+ existing containers (default `true`)
+ type: boolean
+ limitCPU:
+ description: |-
+ When using `pod` strategy, the maximum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ limitMemory:
+ description: |-
+ When using `pod` strategy, the maximum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ mavenProfiles:
+ description: |-
+ A list of references pointing to configmaps/secrets that contains a maven profile.
+ This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
+ The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
+ items:
+ type: string
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: Defines a set of nodes the builder pod is eligible
+ to be scheduled on, based on labels on the node.
+ type: object
+ orderStrategy:
+ description: The build order strategy to use, either `dependencies`,
+ `fifo` or `sequential` (default is the platform default)
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of manifest platforms to use to build
+ a container image (default `linux/amd64`).
+ items:
+ type: string
+ type: array
+ properties:
+ description: A list of properties to be provided to the build
+ task
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: |-
+ When using `pod` strategy, the minimum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ requestMemory:
+ description: |-
+ When using `pod` strategy, the minimum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ strategy:
+ description: The strategy to use, either `pod` or `routine`
+ (default `routine`)
+ enum:
+ - pod
+ - routine
+ type: string
+ tasks:
+ description: A list of tasks to be executed (available only
+ when using `pod` strategy) with format `;;`.
+ items:
+ type: string
+ type: array
+ tasksFilter:
+ description: |-
+ A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
+ Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
+ if you need to execute them. Useful only with `pod` strategy.
+ type: string
+ tasksLimitCPU:
+ description: A list of limit cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksLimitMemory:
+ description: A list of limit memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestCPU:
+ description: A list of request cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestMemory:
+ description: A list of request memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ verbose:
+ description: |-
+ Enable verbose logging on build components that support it (e.g. Kaniko build pod).
+ Deprecated no longer in use
+ type: boolean
+ type: object
+ camel:
+ description: The configuration of Camel trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ properties:
+ description: A list of properties to be provided to the Integration
+ runtime
+ items:
+ type: string
+ type: array
+ runtimeVersion:
+ description: |-
+ The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
+ You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
+ to the best matching Catalog existing on the cluster.
+ type: string
+ type: object
+ container:
+ description: The configuration of Container trait
+ properties:
+ allowPrivilegeEscalation:
+ description: Security Context AllowPrivilegeEscalation configuration
+ (default false).
+ type: boolean
+ auto:
+ description: To automatically enable the trait
+ type: boolean
+ capabilitiesAdd:
+ description: Security Context Capabilities Add configuration
+ (default none).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ capabilitiesDrop:
+ description: Security Context Capabilities Drop configuration
+ (default ALL).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ expose:
+ description: Can be used to enable/disable exposure via kubernetes
+ Service.
+ type: boolean
+ image:
+ description: |-
+ The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
+ won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
+ Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
+ type: string
+ imagePullPolicy:
+ description: 'The pull policy: Always|Never|IfNotPresent'
+ enum:
+ - Always
+ - Never
+ - IfNotPresent
+ type: string
+ limitCPU:
+ description: The maximum amount of CPU to be provided (default
+ 500 millicores).
+ type: string
+ limitMemory:
+ description: The maximum amount of memory to be provided (default
+ 512 Mi).
+ type: string
+ name:
+ description: The main container name. It's named `integration`
+ by default.
+ type: string
+ port:
+ description: To configure a different port exposed by the
+ container (default `8080`).
+ type: integer
+ portName:
+ description: To configure a different port name for the port
+ exposed by the container. It defaults to `http` only when
+ the `expose` parameter is true.
+ type: string
+ requestCPU:
+ description: The minimum amount of CPU required (default 125
+ millicores).
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required (default
+ 128 Mi).
+ type: string
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ servicePort:
+ description: To configure under which service port the container
+ port is to be exposed (default `80`).
+ type: integer
+ servicePortName:
+ description: To configure under which service port name the
+ container port is to be exposed (default `http`).
+ type: string
+ type: object
+ cron:
+ description: The configuration of Cron trait
+ properties:
+ activeDeadlineSeconds:
+ description: |-
+ Specifies the duration in seconds, relative to the start time, that the job
+ may be continuously active before it is considered to be failed.
+ It defaults to 60s.
+ format: int64
+ type: integer
+ auto:
+ description: |-
+ Automatically deploy the integration as CronJob when all routes are
+ either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
+
+
+ It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
+ while `35m` or `50s` cannot).
+ type: boolean
+ backoffLimit:
+ description: |-
+ Specifies the number of retries before marking the job failed.
+ It defaults to 2.
+ format: int32
+ type: integer
+ components:
+ description: |-
+ A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
+ A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
+ activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
+
+
+ Supported components are currently: `cron`, `timer` and `quartz`.
+ type: string
+ concurrencyPolicy:
+ description: |-
+ Specifies how to treat concurrent executions of a Job.
+ Valid values are:
+ - "Allow": allows CronJobs to run concurrently;
+ - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
+ - "Replace": cancels currently running job and replaces it with a new one
+ enum:
+ - Allow
+ - Forbid
+ - Replace
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ fallback:
+ description: |-
+ Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
+ as Kubernetes CronJob.
+ type: boolean
+ schedule:
+ description: |-
+ The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
+ mechanism to work correctly.
+ type: string
+ startingDeadlineSeconds:
+ description: |-
+ Optional deadline in seconds for starting the job if it misses scheduled
+ time for any reason. Missed jobs executions will be counted as failed ones.
+ format: int64
+ type: integer
+ timeZone:
+ description: The timezone that the CronJob will run on
+ type: string
+ type: object
+ dependencies:
+ description: The configuration of Dependencies trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ deployer:
+ description: The configuration of Deployer trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ kind:
+ description: Allows to explicitly select the desired deployment
+ kind between `deployment`, `cron-job` or `knative-service`
+ when creating the resources for running the integration.
+ enum:
+ - deployment
+ - cron-job
+ - knative-service
+ type: string
+ useSSA:
+ description: |-
+ Use server-side apply to update the owned resources (default `true`).
+ Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
+ type: boolean
+ type: object
+ deployment:
+ description: The configuration of Deployment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ progressDeadlineSeconds:
+ description: |-
+ The maximum time in seconds for the deployment to make progress before it
+ is considered to be failed. It defaults to `60s`.
+ format: int32
+ type: integer
+ rollingUpdateMaxSurge:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be scheduled above the desired number of
+ pods.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ This can not be 0 if MaxUnavailable is 0.
+ Absolute number is calculated from percentage by rounding up.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ rollingUpdateMaxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be unavailable during the update.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ Absolute number is calculated from percentage by rounding down.
+ This can not be 0 if MaxSurge is 0.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ strategy:
+ description: The deployment strategy to use to replace existing
+ pods with new ones.
+ enum:
+ - Recreate
+ - RollingUpdate
+ type: string
+ type: object
+ environment:
+ description: The configuration of Environment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ containerMeta:
+ description: Enables injection of `NAMESPACE` and `POD_NAME`
+ environment variables (default `true`)
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ httpProxy:
+ description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
+ `NO_PROXY` environment variables (default `true`)
+ type: boolean
+ vars:
+ description: |-
+ A list of environment variables to be added to the integration container.
+ The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
+ These take precedence over the previously defined environment variables.
+ items:
+ type: string
+ type: array
+ type: object
+ error-handler:
+ description: The configuration of Error Handler trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ ref:
+ description: The error handler ref name provided or found
+ in application properties
+ type: string
+ type: object
+ gc:
+ description: The configuration of GC trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryCache:
+ description: |-
+ Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
+ Deprecated: to be removed from trait configuration.
+ enum:
+ - disabled
+ - disk
+ - memory
+ type: string
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ health:
+ description: The configuration of Health trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ livenessFailureThreshold:
+ description: Minimum consecutive failures for the liveness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ livenessInitialDelay:
+ description: Number of seconds after the container has started
+ before the liveness probe is initiated.
+ format: int32
+ type: integer
+ livenessPeriod:
+ description: How often to perform the liveness probe.
+ format: int32
+ type: integer
+ livenessProbe:
+ description: The liveness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ livenessProbeEnabled:
+ description: Configures the liveness probe for the integration
+ container (default `false`).
+ type: boolean
+ livenessScheme:
+ description: Scheme to use when connecting to the liveness
+ probe (default `HTTP`).
+ type: string
+ livenessSuccessThreshold:
+ description: Minimum consecutive successes for the liveness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ livenessTimeout:
+ description: Number of seconds after which the liveness probe
+ times out.
+ format: int32
+ type: integer
+ readinessFailureThreshold:
+ description: Minimum consecutive failures for the readiness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ readinessInitialDelay:
+ description: Number of seconds after the container has started
+ before the readiness probe is initiated.
+ format: int32
+ type: integer
+ readinessPeriod:
+ description: How often to perform the readiness probe.
+ format: int32
+ type: integer
+ readinessProbe:
+ description: The readiness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ readinessProbeEnabled:
+ description: Configures the readiness probe for the integration
+ container (default `true`).
+ type: boolean
+ readinessScheme:
+ description: Scheme to use when connecting to the readiness
+ probe (default `HTTP`).
+ type: string
+ readinessSuccessThreshold:
+ description: Minimum consecutive successes for the readiness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ readinessTimeout:
+ description: Number of seconds after which the readiness probe
+ times out.
+ format: int32
+ type: integer
+ startupFailureThreshold:
+ description: Minimum consecutive failures for the startup
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ startupInitialDelay:
+ description: Number of seconds after the container has started
+ before the startup probe is initiated.
+ format: int32
+ type: integer
+ startupPeriod:
+ description: How often to perform the startup probe.
+ format: int32
+ type: integer
+ startupProbe:
+ description: The startup probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ startupProbeEnabled:
+ description: Configures the startup probe for the integration
+ container (default `false`).
+ type: boolean
+ startupScheme:
+ description: Scheme to use when connecting to the startup
+ probe (default `HTTP`).
+ type: string
+ startupSuccessThreshold:
+ description: Minimum consecutive successes for the startup
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ startupTimeout:
+ description: Number of seconds after which the startup probe
+ times out.
+ format: int32
+ type: integer
+ type: object
+ ingress:
+ description: The configuration of Ingress trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to the ingress.
+ This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
+ See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ type: object
+ auto:
+ description: To automatically add an ingress whenever the
+ integration uses an HTTP endpoint consumer.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the ingress.
+ type: string
+ path:
+ description: To configure the path exposed by the ingress
+ (default `/`).
+ type: string
+ pathType:
+ description: |-
+ To configure the path type exposed by the ingress.
+ One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
+ enum:
+ - Exact
+ - Prefix
+ - ImplementationSpecific
+ type: string
+ tlsHosts:
+ description: To configure tls hosts
+ items:
+ type: string
+ type: array
+ tlsSecretName:
+ description: To configure tls secret name
+ type: string
+ type: object
+ istio:
+ description: The configuration of Istio trait
+ properties:
+ allow:
+ description: Configures a (comma-separated) list of CIDR subnets
+ that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
+ by default).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ inject:
+ description: Forces the value for labels `sidecar.istio.io/inject`.
+ By default the label is set to `true` on deployment and
+ not set on Knative Service.
+ type: boolean
+ type: object
+ jolokia:
+ description: The configuration of Jolokia trait
+ properties:
+ CACert:
+ description: |-
+ The PEM encoded CA certification file path, used to verify client certificates,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
+ type: string
+ clientPrincipal:
+ description: |-
+ The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryEnabled:
+ description: Listen for multicast requests (default `false`)
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ extendedClientCheck:
+ description: |-
+ Mandate the client certificate contains a client flag in the extended key usage section,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `true` for OpenShift).
+ type: boolean
+ host:
+ description: |-
+ The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
+ the servers binds to every network interface (default `"*"`).
+ type: string
+ options:
+ description: |-
+ A list of additional Jolokia options as defined
+ in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
+ items:
+ type: string
+ type: array
+ password:
+ description: The password used for authentication, applicable
+ when the `user` option is set.
+ type: string
+ port:
+ description: The Jolokia endpoint port (default `8778`).
+ type: integer
+ protocol:
+ description: The protocol to use, either `http` or `https`
+ (default `https` for OpenShift)
+ type: string
+ useSSLClientAuthentication:
+ description: Whether client certificates should be used for
+ authentication (default `true` for OpenShift).
+ type: boolean
+ user:
+ description: The user to be used for authentication
+ type: string
+ type: object
+ jvm:
+ description: The configuration of JVM trait
+ properties:
+ classpath:
+ description: Additional JVM classpath (use `Linux` classpath
+ separator)
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ debug:
+ description: Activates remote debugging, so that a debugger
+ can be attached to the JVM, e.g., using port-forwarding
+ type: boolean
+ debugAddress:
+ description: Transport address at which to listen for the
+ newly launched JVM (default `*:5005`)
+ type: string
+ debugSuspend:
+ description: Suspends the target JVM immediately before the
+ main class is loaded
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ jar:
+ description: The Jar dependency which will run the application.
+ Leave it empty for managed Integrations.
+ type: string
+ options:
+ description: A list of JVM options
+ items:
+ type: string
+ type: array
+ printCommand:
+ description: |-
+ Prints the command used the start the JVM in the container logs (default `true`)
+ Deprecated: no longer in use.
+ type: boolean
+ type: object
+ kamelets:
+ description: The configuration of Kamelets trait
+ properties:
+ auto:
+ description: Automatically inject all referenced Kamelets
+ and their default configuration (enabled by default)
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ list:
+ description: Comma separated list of Kamelet names to load
+ into the current integration
+ type: string
+ mountPoint:
+ description: The directory where the application mounts and
+ reads Kamelet spec (default `/etc/camel/kamelets`)
+ type: string
+ type: object
+ keda:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ knative:
+ description: The configuration of Knative trait
+ properties:
+ auto:
+ description: Enable automatic discovery of all trait properties.
+ type: boolean
+ channelSinks:
+ description: |-
+ List of channels used as destination of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ channelSources:
+ description: |-
+ List of channels used as source of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ config:
+ description: Can be used to inject a Knative complete configuration
+ in JSON format.
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ endpointSinks:
+ description: |-
+ List of endpoints used as destination of integration routes.
+ Can contain simple endpoint names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ endpointSources:
+ description: List of channels used as source of integration
+ routes.
+ items:
+ type: string
+ type: array
+ eventSinks:
+ description: |-
+ List of event types that the integration will produce.
+ Can contain simple event types or full Camel URIs (to use a specific broker).
+ items:
+ type: string
+ type: array
+ eventSources:
+ description: |-
+ List of event types that the integration will be subscribed to.
+ Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
+ items:
+ type: string
+ type: array
+ filterEventType:
+ description: |-
+ Enables the default filtering for the Knative trigger using the event type
+ If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
+ type: boolean
+ filterSourceChannels:
+ description: |-
+ Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
+ Knative, filtering is disabled by default.
+ type: boolean
+ filters:
+ description: |-
+ Sets filter attributes on the event stream (such as event type, source, subject and so on).
+ A list of key-value pairs that represent filter attributes and its values.
+ The syntax is KEY=VALUE, e.g., `source="my.source"`.
+ Filter attributes get set on the Knative trigger that is being created as part of this integration.
+ items:
+ type: string
+ type: array
+ namespaceLabel:
+ description: |-
+ Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
+ As Knative requires this label to perform injection of K_SINK URL into the service.
+ If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
+ type: boolean
+ sinkBinding:
+ description: |-
+ Allows binding the integration to a sink via a Knative SinkBinding resource.
+ This can be used when the integration targets a single sink.
+ It's enabled by default when the integration targets a single sink
+ (except when the integration is owned by a Knative source).
+ type: boolean
+ type: object
+ knative-service:
+ description: The configuration of Knative Service trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set knative service specific annotations
+ CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ auto:
+ description: |-
+ Automatically deploy the integration as Knative service when all conditions hold:
+
+
+ * Integration is using the Knative profile
+ * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
+ type: boolean
+ autoscalingMetric:
+ description: |-
+ Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ type: string
+ autoscalingTarget:
+ description: |-
+ Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ class:
+ description: |-
+ Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - kpa.autoscaling.knative.dev
+ - hpa.autoscaling.knative.dev
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxScale:
+ description: |-
+ An upper bound for the number of Pods that can be running in parallel for the integration.
+ Knative has its own cap value that depends on the installation.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ minScale:
+ description: |-
+ The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
+ the integration is scaled down to zero when not used for a configured amount of time.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ rolloutDuration:
+ description: |-
+ Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
+ It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
+ rounded to a second precision.
+ type: string
+ timeoutSeconds:
+ description: |-
+ The maximum duration in seconds that the request instance is allowed to respond to a request.
+ This field propagates to the integration pod's terminationGracePeriodSeconds
+
+
+ Refer to the Knative documentation for more information.
+ format: int64
+ type: integer
+ visibility:
+ description: |-
+ Setting `cluster-local`, Knative service becomes a private service.
+ Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - cluster-local
+ type: string
+ type: object
+ logging:
+ description: The configuration of Logging trait
+ properties:
+ color:
+ description: Colorize the log output
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ format:
+ description: Logs message format
+ type: string
+ json:
+ description: Output the logs in JSON
+ type: boolean
+ jsonPrettyPrint:
+ description: Enable "pretty printing" of the JSON logs
+ type: boolean
+ level:
+ description: Adjust the logging level (defaults to `INFO`)
+ enum:
+ - FATAL
+ - WARN
+ - INFO
+ - DEBUG
+ - TRACE
+ type: string
+ type: object
+ master:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ mount:
+ description: The configuration of Mount trait
+ properties:
+ configs:
+ description: |-
+ A list of configuration pointing to configmap/secret.
+ The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
+ They are also made available on the classpath in order to ease their usage directly from the Route.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ emptyDirs:
+ description: 'A list of EmptyDir volumes to be mounted. Syntax:
+ [name:/container/path]'
+ items:
+ type: string
+ type: array
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ hotReload:
+ description: |-
+ Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
+ marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
+ changes in metadata.
+ type: boolean
+ resources:
+ description: |-
+ A list of resources (text or binary content) pointing to configmap/secret.
+ The resources are expected to be any resource type (text or binary content).
+ The destination path can be either a default location or any path specified by the user.
+ Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
+ items:
+ type: string
+ type: array
+ scanKameletsImplicitLabelSecrets:
+ description: |-
+ Deprecated: include your properties in an explicit property file backed by a secret.
+ Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
+ These secrets are mounted to the application and treated as plain properties file with their key/value list
+ (ie .spec.data["camel.my-property"] = my-value) (default `true`).
+ type: boolean
+ volumes:
+ description: 'A list of Persistent Volume Claims to be mounted.
+ Syntax: [pvcname:/container/path]'
+ items:
+ type: string
+ type: array
+ type: object
+ openapi:
+ description: The configuration of OpenAPI trait
+ properties:
+ configmaps:
+ description: The configmaps holding the spec of the OpenAPI
+ (compatible with > 3.0 spec only).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ owner:
+ description: The configuration of Owner trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ targetAnnotations:
+ description: The set of annotations to be transferred
+ items:
+ type: string
+ type: array
+ targetLabels:
+ description: The set of labels to be transferred
+ items:
+ type: string
+ type: array
+ type: object
+ pdb:
+ description: The configuration of PDB trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxUnavailable:
+ description: |-
+ The number of pods for the Integration that can be unavailable after an eviction.
+ It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
+ Only one of `max-unavailable` and `min-available` can be specified.
+ type: string
+ minAvailable:
+ description: |-
+ The number of pods for the Integration that must still be available after an eviction.
+ It can be either an absolute number or a percentage.
+ Only one of `min-available` and `max-unavailable` can be specified.
+ type: string
+ type: object
+ platform:
+ description: The configuration of Platform trait
+ properties:
+ auto:
+ description: |-
+ To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ createDefault:
+ description: |-
+ To create a default (empty) platform when the platform is missing.
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ global:
+ description: |-
+ Indicates if the platform should be created globally in the case of global operator (default true).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ type: object
+ pod:
+ description: The configuration of Pod trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ prometheus:
+ description: The configuration of Prometheus trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ podMonitor:
+ description: Whether a `PodMonitor` resource is created (default
+ `true`).
+ type: boolean
+ podMonitorLabels:
+ description: The `PodMonitor` resource labels, applicable
+ when `pod-monitor` is `true`.
+ items:
+ type: string
+ type: array
+ type: object
+ pull-secret:
+ description: The configuration of Pull Secret trait
+ properties:
+ auto:
+ description: Automatically configures the platform registry
+ secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ imagePullerDelegation:
+ description: When using a global operator with a shared platform,
+ this enables delegation of the `system:image-puller` cluster
+ role on the operator namespace to the integration service
+ account.
+ type: boolean
+ secretName:
+ description: The pull secret name to set on the Pod. If left
+ empty this is automatically taken from the `IntegrationPlatform`
+ registry configuration.
+ type: string
+ type: object
+ quarkus:
+ description: The configuration of Quarkus trait
+ properties:
+ buildMode:
+ description: |-
+ The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
+ In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
+ with the `native` kit having precedence over the `jvm` one once ready.
+ items:
+ description: QuarkusMode is the type of Quarkus build packaging.
+ enum:
+ - jvm
+ - native
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ nativeBaseImage:
+ description: The base image to use when running a native build
+ (default `quay.io/quarkus/quarkus-micro-image:2.0`)
+ type: string
+ nativeBuilderImage:
+ description: The image containing the tooling required for
+ a native build (by default it will use the one provided
+ in the runtime catalog)
+ type: string
+ packageTypes:
+ description: |-
+ The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
+ In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
+ with the native kit having precedence over the `fast-jar` one once ready.
+ The order influences the resolution of the current kit for the integration.
+ The kit corresponding to the first package type will be assigned to the
+ integration in case no existing kit that matches the integration exists.
+ Deprecated: use `build-mode` instead.
+ items:
+ description: |-
+ QuarkusPackageType is the type of Quarkus build packaging.
+ Deprecated: use `QuarkusMode` instead.
+ enum:
+ - fast-jar
+ - native
+ type: string
+ type: array
+ type: object
+ registry:
+ description: |-
+ The configuration of Registry trait (support removed since version 2.5.0).
+ Deprecated: use jvm trait or read documentation.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ route:
+ description: The configuration of Route trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set route specific annotations
+ For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
+ CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the route.
+ type: string
+ tlsCACertificate:
+ description: |-
+ The TLS CA certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCACertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificate:
+ description: |-
+ The TLS certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificate:
+ description: |-
+ The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
+ termination this file should be provided in order to have routers use it for health checks on the secure connection.
+ If this field is not specified, the router may provide its own destination CA and perform hostname validation using
+ the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
+ verify.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificateSecret:
+ description: |-
+ The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsInsecureEdgeTerminationPolicy:
+ description: |-
+ To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - None
+ - Allow
+ - Redirect
+ type: string
+ tlsKey:
+ description: |-
+ The TLS certificate key contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsKeySecret:
+ description: |-
+ The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsTermination:
+ description: |-
+ The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - edge
+ - reencrypt
+ - passthrough
+ type: string
+ type: object
+ security-context:
+ description: The configuration of Security Context trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ type: object
+ service:
+ description: The configuration of Service trait
+ properties:
+ auto:
+ description: To automatically detect from the code if a Service
+ needs to be created.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodePort:
+ description: |-
+ Enable Service to be exposed as NodePort (default `false`).
+ Deprecated: Use service type instead.
+ type: boolean
+ type:
+ description: The type of service to be used, either 'ClusterIP',
+ 'NodePort' or 'LoadBalancer'.
+ enum:
+ - ClusterIP
+ - NodePort
+ - LoadBalancer
+ type: string
+ type: object
+ service-binding:
+ description: The configuration of Service Binding trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ services:
+ description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
+ items:
+ type: string
+ type: array
+ type: object
+ strimzi:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ toleration:
+ description: The configuration of Toleration trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ taints:
+ description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
+ items:
+ type: string
+ type: array
+ type: object
+ tracing:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ status:
+ description: IntegrationPlatformStatus defines the observed state of IntegrationPlatform.
+ properties:
+ build:
+ description: specify how to build the Integration/IntegrationKits
+ properties:
+ PublishStrategyOptions:
+ additionalProperties:
+ type: string
+ description: Generic options that can used by any publish strategy
+ type: object
+ baseImage:
+ description: |-
+ a base image that can be used as base layer for all images.
+ It can be useful if you want to provide some custom base image with further utility software
+ type: string
+ buildCatalogToolTimeout:
+ description: |-
+ the timeout (in seconds) to use when creating the build tools container image
+ Deprecated: no longer in use
+ type: string
+ buildConfiguration:
+ description: the configuration required to build an Integration
+ container image
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotation to use for the builder pod. Only used
+ for `pod` strategy
+ type: object
+ limitCPU:
+ description: The maximum amount of CPU required. Only used
+ for `pod` strategy
+ type: string
+ limitMemory:
+ description: The maximum amount of memory required. Only used
+ for `pod` strategy
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: The node selector for the builder pod. Only used
+ for `pod` strategy
+ type: object
+ operatorNamespace:
+ description: The namespace where to run the builder Pod (must
+ be the same of the operator in charge of this Build reconciliation).
+ type: string
+ orderStrategy:
+ description: the build order strategy to adopt
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of platforms used in order to build
+ a container image.
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: The minimum amount of CPU required. Only used
+ for `pod` strategy
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required. Only used
+ for `pod` strategy
+ type: string
+ strategy:
+ description: the strategy to adopt
+ enum:
+ - routine
+ - pod
+ type: string
+ toolImage:
+ description: The container image to be used to run the build.
+ type: string
+ type: object
+ maven:
+ description: Maven configuration used to build the Camel/Camel-Quarkus
+ applications
+ properties:
+ caSecrets:
+ description: |-
+ The Secrets name and key, containing the CA certificate(s) used to connect
+ to remote Maven repositories.
+ It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store the CA certificate(s),
+ and configured to be used as a trusted certificate(s) by the Maven commands.
+ Note that the root CA certificates are also imported into the created keystore.
+ items:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ cliOptions:
+ description: |-
+ The CLI options that are appended to the list of arguments for Maven commands,
+ e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: |-
+ The Maven build extensions.
+ See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ profiles:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven profile.
+ items:
+ description: ValueSource --.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ settings:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ settingsSecurity:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the security of the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: object
+ maxRunningBuilds:
+ description: the maximum amount of parallel running pipelines
+ started by this operator instance
+ format: int32
+ type: integer
+ publishStrategy:
+ description: the strategy to adopt for publishing an Integration
+ container image
+ type: string
+ registry:
+ description: the image registry used to push/pull Integration
+ images
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie, http
+ only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ runtimeProvider:
+ description: the runtime used. Likely Camel Quarkus (we used to
+ have main runtime which has been discontinued since version
+ 1.5)
+ type: string
+ runtimeVersion:
+ description: the Camel K Runtime dependency version
+ type: string
+ timeout:
+ description: how much time to wait before time out the pipeline
+ process
+ type: string
+ type: object
+ cluster:
+ description: what kind of cluster you're running (ie, plain Kubernetes
+ or OpenShift)
+ type: string
+ conditions:
+ description: which are the conditions met (particularly useful when
+ in ERROR phase)
+ items:
+ description: IntegrationPlatformCondition describes the state of
+ a resource at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ configuration:
+ description: |-
+ Deprecated:
+ Use camel trait (camel.properties) to manage properties
+ Use mount trait (mount.configs) to manage configs
+ Use mount trait (mount.resources) to manage resources
+ Use mount trait (mount.volumes) to manage volumes
+ list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform
+ items:
+ description: ConfigurationSpec represents a generic configuration
+ specification.
+ properties:
+ type:
+ description: 'represents the type of configuration, ie: property,
+ configmap, secret, ...'
+ type: string
+ value:
+ description: the value to assign to the configuration (syntax
+ may vary depending on the `Type`)
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ info:
+ additionalProperties:
+ type: string
+ description: generic information related to the build of Camel K operator
+ software
+ type: object
+ kamelet:
+ description: configuration to be executed to all Kamelets controlled
+ by this IntegrationPlatform
+ properties:
+ repositories:
+ description: remote repository used to retrieve Kamelet catalog
+ items:
+ description: KameletRepositorySpec defines the location of the
+ Kamelet catalog to use.
+ properties:
+ uri:
+ description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
+ type: string
+ type: object
+ type: array
+ type: object
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this IntegrationPlatform.
+ format: int64
+ type: integer
+ phase:
+ description: defines in what phase the IntegrationPlatform is found
+ type: string
+ profile:
+ description: |-
+ the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.
+ It usually relates the Cluster with the optional definition of special profiles (ie, Knative)
+ type: string
+ traits:
+ description: list of traits to be executed for all the Integration/IntegrationKits
+ built from this IntegrationPlatform
+ properties:
+ 3scale:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ addons:
+ additionalProperties:
+ description: AddonTrait represents the configuration of an addon
+ trait.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ description: The extension point with addon traits
+ type: object
+ affinity:
+ description: The configuration of Affinity trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodeAffinityLabels:
+ description: Defines a set of nodes the integration pod(s)
+ are eligible to be scheduled on, based on labels on the
+ node.
+ items:
+ type: string
+ type: array
+ podAffinity:
+ description: Always co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should be co-located with.
+ items:
+ type: string
+ type: array
+ podAntiAffinity:
+ description: Never co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAntiAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should not be co-located with.
+ items:
+ type: string
+ type: array
+ type: object
+ builder:
+ description: The configuration of Builder trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: When using `pod` strategy, annotation to use
+ for the builder pod.
+ type: object
+ baseImage:
+ description: |-
+ Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
+ installed and ready to use on path (ie `/usr/bin/java`).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ incrementalImageBuild:
+ description: Use the incremental image build option, to reuse
+ existing containers (default `true`)
+ type: boolean
+ limitCPU:
+ description: |-
+ When using `pod` strategy, the maximum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ limitMemory:
+ description: |-
+ When using `pod` strategy, the maximum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ mavenProfiles:
+ description: |-
+ A list of references pointing to configmaps/secrets that contains a maven profile.
+ This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
+ The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
+ items:
+ type: string
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: Defines a set of nodes the builder pod is eligible
+ to be scheduled on, based on labels on the node.
+ type: object
+ orderStrategy:
+ description: The build order strategy to use, either `dependencies`,
+ `fifo` or `sequential` (default is the platform default)
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of manifest platforms to use to build
+ a container image (default `linux/amd64`).
+ items:
+ type: string
+ type: array
+ properties:
+ description: A list of properties to be provided to the build
+ task
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: |-
+ When using `pod` strategy, the minimum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ requestMemory:
+ description: |-
+ When using `pod` strategy, the minimum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ strategy:
+ description: The strategy to use, either `pod` or `routine`
+ (default `routine`)
+ enum:
+ - pod
+ - routine
+ type: string
+ tasks:
+ description: A list of tasks to be executed (available only
+ when using `pod` strategy) with format `;;`.
+ items:
+ type: string
+ type: array
+ tasksFilter:
+ description: |-
+ A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
+ Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
+ if you need to execute them. Useful only with `pod` strategy.
+ type: string
+ tasksLimitCPU:
+ description: A list of limit cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksLimitMemory:
+ description: A list of limit memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestCPU:
+ description: A list of request cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestMemory:
+ description: A list of request memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ verbose:
+ description: |-
+ Enable verbose logging on build components that support it (e.g. Kaniko build pod).
+ Deprecated no longer in use
+ type: boolean
+ type: object
+ camel:
+ description: The configuration of Camel trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ properties:
+ description: A list of properties to be provided to the Integration
+ runtime
+ items:
+ type: string
+ type: array
+ runtimeVersion:
+ description: |-
+ The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
+ You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
+ to the best matching Catalog existing on the cluster.
+ type: string
+ type: object
+ container:
+ description: The configuration of Container trait
+ properties:
+ allowPrivilegeEscalation:
+ description: Security Context AllowPrivilegeEscalation configuration
+ (default false).
+ type: boolean
+ auto:
+ description: To automatically enable the trait
+ type: boolean
+ capabilitiesAdd:
+ description: Security Context Capabilities Add configuration
+ (default none).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ capabilitiesDrop:
+ description: Security Context Capabilities Drop configuration
+ (default ALL).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ expose:
+ description: Can be used to enable/disable exposure via kubernetes
+ Service.
+ type: boolean
+ image:
+ description: |-
+ The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
+ won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
+ Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
+ type: string
+ imagePullPolicy:
+ description: 'The pull policy: Always|Never|IfNotPresent'
+ enum:
+ - Always
+ - Never
+ - IfNotPresent
+ type: string
+ limitCPU:
+ description: The maximum amount of CPU to be provided (default
+ 500 millicores).
+ type: string
+ limitMemory:
+ description: The maximum amount of memory to be provided (default
+ 512 Mi).
+ type: string
+ name:
+ description: The main container name. It's named `integration`
+ by default.
+ type: string
+ port:
+ description: To configure a different port exposed by the
+ container (default `8080`).
+ type: integer
+ portName:
+ description: To configure a different port name for the port
+ exposed by the container. It defaults to `http` only when
+ the `expose` parameter is true.
+ type: string
+ requestCPU:
+ description: The minimum amount of CPU required (default 125
+ millicores).
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required (default
+ 128 Mi).
+ type: string
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ servicePort:
+ description: To configure under which service port the container
+ port is to be exposed (default `80`).
+ type: integer
+ servicePortName:
+ description: To configure under which service port name the
+ container port is to be exposed (default `http`).
+ type: string
+ type: object
+ cron:
+ description: The configuration of Cron trait
+ properties:
+ activeDeadlineSeconds:
+ description: |-
+ Specifies the duration in seconds, relative to the start time, that the job
+ may be continuously active before it is considered to be failed.
+ It defaults to 60s.
+ format: int64
+ type: integer
+ auto:
+ description: |-
+ Automatically deploy the integration as CronJob when all routes are
+ either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
+
+
+ It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
+ while `35m` or `50s` cannot).
+ type: boolean
+ backoffLimit:
+ description: |-
+ Specifies the number of retries before marking the job failed.
+ It defaults to 2.
+ format: int32
+ type: integer
+ components:
+ description: |-
+ A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
+ A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
+ activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
+
+
+ Supported components are currently: `cron`, `timer` and `quartz`.
+ type: string
+ concurrencyPolicy:
+ description: |-
+ Specifies how to treat concurrent executions of a Job.
+ Valid values are:
+ - "Allow": allows CronJobs to run concurrently;
+ - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
+ - "Replace": cancels currently running job and replaces it with a new one
+ enum:
+ - Allow
+ - Forbid
+ - Replace
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ fallback:
+ description: |-
+ Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
+ as Kubernetes CronJob.
+ type: boolean
+ schedule:
+ description: |-
+ The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
+ mechanism to work correctly.
+ type: string
+ startingDeadlineSeconds:
+ description: |-
+ Optional deadline in seconds for starting the job if it misses scheduled
+ time for any reason. Missed jobs executions will be counted as failed ones.
+ format: int64
+ type: integer
+ timeZone:
+ description: The timezone that the CronJob will run on
+ type: string
+ type: object
+ dependencies:
+ description: The configuration of Dependencies trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ deployer:
+ description: The configuration of Deployer trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ kind:
+ description: Allows to explicitly select the desired deployment
+ kind between `deployment`, `cron-job` or `knative-service`
+ when creating the resources for running the integration.
+ enum:
+ - deployment
+ - cron-job
+ - knative-service
+ type: string
+ useSSA:
+ description: |-
+ Use server-side apply to update the owned resources (default `true`).
+ Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
+ type: boolean
+ type: object
+ deployment:
+ description: The configuration of Deployment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ progressDeadlineSeconds:
+ description: |-
+ The maximum time in seconds for the deployment to make progress before it
+ is considered to be failed. It defaults to `60s`.
+ format: int32
+ type: integer
+ rollingUpdateMaxSurge:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be scheduled above the desired number of
+ pods.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ This can not be 0 if MaxUnavailable is 0.
+ Absolute number is calculated from percentage by rounding up.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ rollingUpdateMaxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be unavailable during the update.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ Absolute number is calculated from percentage by rounding down.
+ This can not be 0 if MaxSurge is 0.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ strategy:
+ description: The deployment strategy to use to replace existing
+ pods with new ones.
+ enum:
+ - Recreate
+ - RollingUpdate
+ type: string
+ type: object
+ environment:
+ description: The configuration of Environment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ containerMeta:
+ description: Enables injection of `NAMESPACE` and `POD_NAME`
+ environment variables (default `true`)
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ httpProxy:
+ description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
+ `NO_PROXY` environment variables (default `true`)
+ type: boolean
+ vars:
+ description: |-
+ A list of environment variables to be added to the integration container.
+ The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
+ These take precedence over the previously defined environment variables.
+ items:
+ type: string
+ type: array
+ type: object
+ error-handler:
+ description: The configuration of Error Handler trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ ref:
+ description: The error handler ref name provided or found
+ in application properties
+ type: string
+ type: object
+ gc:
+ description: The configuration of GC trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryCache:
+ description: |-
+ Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
+ Deprecated: to be removed from trait configuration.
+ enum:
+ - disabled
+ - disk
+ - memory
+ type: string
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ health:
+ description: The configuration of Health trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ livenessFailureThreshold:
+ description: Minimum consecutive failures for the liveness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ livenessInitialDelay:
+ description: Number of seconds after the container has started
+ before the liveness probe is initiated.
+ format: int32
+ type: integer
+ livenessPeriod:
+ description: How often to perform the liveness probe.
+ format: int32
+ type: integer
+ livenessProbe:
+ description: The liveness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ livenessProbeEnabled:
+ description: Configures the liveness probe for the integration
+ container (default `false`).
+ type: boolean
+ livenessScheme:
+ description: Scheme to use when connecting to the liveness
+ probe (default `HTTP`).
+ type: string
+ livenessSuccessThreshold:
+ description: Minimum consecutive successes for the liveness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ livenessTimeout:
+ description: Number of seconds after which the liveness probe
+ times out.
+ format: int32
+ type: integer
+ readinessFailureThreshold:
+ description: Minimum consecutive failures for the readiness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ readinessInitialDelay:
+ description: Number of seconds after the container has started
+ before the readiness probe is initiated.
+ format: int32
+ type: integer
+ readinessPeriod:
+ description: How often to perform the readiness probe.
+ format: int32
+ type: integer
+ readinessProbe:
+ description: The readiness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ readinessProbeEnabled:
+ description: Configures the readiness probe for the integration
+ container (default `true`).
+ type: boolean
+ readinessScheme:
+ description: Scheme to use when connecting to the readiness
+ probe (default `HTTP`).
+ type: string
+ readinessSuccessThreshold:
+ description: Minimum consecutive successes for the readiness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ readinessTimeout:
+ description: Number of seconds after which the readiness probe
+ times out.
+ format: int32
+ type: integer
+ startupFailureThreshold:
+ description: Minimum consecutive failures for the startup
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ startupInitialDelay:
+ description: Number of seconds after the container has started
+ before the startup probe is initiated.
+ format: int32
+ type: integer
+ startupPeriod:
+ description: How often to perform the startup probe.
+ format: int32
+ type: integer
+ startupProbe:
+ description: The startup probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ startupProbeEnabled:
+ description: Configures the startup probe for the integration
+ container (default `false`).
+ type: boolean
+ startupScheme:
+ description: Scheme to use when connecting to the startup
+ probe (default `HTTP`).
+ type: string
+ startupSuccessThreshold:
+ description: Minimum consecutive successes for the startup
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ startupTimeout:
+ description: Number of seconds after which the startup probe
+ times out.
+ format: int32
+ type: integer
+ type: object
+ ingress:
+ description: The configuration of Ingress trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to the ingress.
+ This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
+ See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ type: object
+ auto:
+ description: To automatically add an ingress whenever the
+ integration uses an HTTP endpoint consumer.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the ingress.
+ type: string
+ path:
+ description: To configure the path exposed by the ingress
+ (default `/`).
+ type: string
+ pathType:
+ description: |-
+ To configure the path type exposed by the ingress.
+ One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
+ enum:
+ - Exact
+ - Prefix
+ - ImplementationSpecific
+ type: string
+ tlsHosts:
+ description: To configure tls hosts
+ items:
+ type: string
+ type: array
+ tlsSecretName:
+ description: To configure tls secret name
+ type: string
+ type: object
+ istio:
+ description: The configuration of Istio trait
+ properties:
+ allow:
+ description: Configures a (comma-separated) list of CIDR subnets
+ that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
+ by default).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ inject:
+ description: Forces the value for labels `sidecar.istio.io/inject`.
+ By default the label is set to `true` on deployment and
+ not set on Knative Service.
+ type: boolean
+ type: object
+ jolokia:
+ description: The configuration of Jolokia trait
+ properties:
+ CACert:
+ description: |-
+ The PEM encoded CA certification file path, used to verify client certificates,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
+ type: string
+ clientPrincipal:
+ description: |-
+ The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryEnabled:
+ description: Listen for multicast requests (default `false`)
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ extendedClientCheck:
+ description: |-
+ Mandate the client certificate contains a client flag in the extended key usage section,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `true` for OpenShift).
+ type: boolean
+ host:
+ description: |-
+ The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
+ the servers binds to every network interface (default `"*"`).
+ type: string
+ options:
+ description: |-
+ A list of additional Jolokia options as defined
+ in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
+ items:
+ type: string
+ type: array
+ password:
+ description: The password used for authentication, applicable
+ when the `user` option is set.
+ type: string
+ port:
+ description: The Jolokia endpoint port (default `8778`).
+ type: integer
+ protocol:
+ description: The protocol to use, either `http` or `https`
+ (default `https` for OpenShift)
+ type: string
+ useSSLClientAuthentication:
+ description: Whether client certificates should be used for
+ authentication (default `true` for OpenShift).
+ type: boolean
+ user:
+ description: The user to be used for authentication
+ type: string
+ type: object
+ jvm:
+ description: The configuration of JVM trait
+ properties:
+ classpath:
+ description: Additional JVM classpath (use `Linux` classpath
+ separator)
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ debug:
+ description: Activates remote debugging, so that a debugger
+ can be attached to the JVM, e.g., using port-forwarding
+ type: boolean
+ debugAddress:
+ description: Transport address at which to listen for the
+ newly launched JVM (default `*:5005`)
+ type: string
+ debugSuspend:
+ description: Suspends the target JVM immediately before the
+ main class is loaded
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ jar:
+ description: The Jar dependency which will run the application.
+ Leave it empty for managed Integrations.
+ type: string
+ options:
+ description: A list of JVM options
+ items:
+ type: string
+ type: array
+ printCommand:
+ description: |-
+ Prints the command used the start the JVM in the container logs (default `true`)
+ Deprecated: no longer in use.
+ type: boolean
+ type: object
+ kamelets:
+ description: The configuration of Kamelets trait
+ properties:
+ auto:
+ description: Automatically inject all referenced Kamelets
+ and their default configuration (enabled by default)
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ list:
+ description: Comma separated list of Kamelet names to load
+ into the current integration
+ type: string
+ mountPoint:
+ description: The directory where the application mounts and
+ reads Kamelet spec (default `/etc/camel/kamelets`)
+ type: string
+ type: object
+ keda:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ knative:
+ description: The configuration of Knative trait
+ properties:
+ auto:
+ description: Enable automatic discovery of all trait properties.
+ type: boolean
+ channelSinks:
+ description: |-
+ List of channels used as destination of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ channelSources:
+ description: |-
+ List of channels used as source of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ config:
+ description: Can be used to inject a Knative complete configuration
+ in JSON format.
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ endpointSinks:
+ description: |-
+ List of endpoints used as destination of integration routes.
+ Can contain simple endpoint names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ endpointSources:
+ description: List of channels used as source of integration
+ routes.
+ items:
+ type: string
+ type: array
+ eventSinks:
+ description: |-
+ List of event types that the integration will produce.
+ Can contain simple event types or full Camel URIs (to use a specific broker).
+ items:
+ type: string
+ type: array
+ eventSources:
+ description: |-
+ List of event types that the integration will be subscribed to.
+ Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
+ items:
+ type: string
+ type: array
+ filterEventType:
+ description: |-
+ Enables the default filtering for the Knative trigger using the event type
+ If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
+ type: boolean
+ filterSourceChannels:
+ description: |-
+ Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
+ Knative, filtering is disabled by default.
+ type: boolean
+ filters:
+ description: |-
+ Sets filter attributes on the event stream (such as event type, source, subject and so on).
+ A list of key-value pairs that represent filter attributes and its values.
+ The syntax is KEY=VALUE, e.g., `source="my.source"`.
+ Filter attributes get set on the Knative trigger that is being created as part of this integration.
+ items:
+ type: string
+ type: array
+ namespaceLabel:
+ description: |-
+ Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
+ As Knative requires this label to perform injection of K_SINK URL into the service.
+ If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
+ type: boolean
+ sinkBinding:
+ description: |-
+ Allows binding the integration to a sink via a Knative SinkBinding resource.
+ This can be used when the integration targets a single sink.
+ It's enabled by default when the integration targets a single sink
+ (except when the integration is owned by a Knative source).
+ type: boolean
+ type: object
+ knative-service:
+ description: The configuration of Knative Service trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set knative service specific annotations
+ CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ auto:
+ description: |-
+ Automatically deploy the integration as Knative service when all conditions hold:
+
+
+ * Integration is using the Knative profile
+ * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
+ type: boolean
+ autoscalingMetric:
+ description: |-
+ Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ type: string
+ autoscalingTarget:
+ description: |-
+ Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ class:
+ description: |-
+ Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - kpa.autoscaling.knative.dev
+ - hpa.autoscaling.knative.dev
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxScale:
+ description: |-
+ An upper bound for the number of Pods that can be running in parallel for the integration.
+ Knative has its own cap value that depends on the installation.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ minScale:
+ description: |-
+ The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
+ the integration is scaled down to zero when not used for a configured amount of time.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ rolloutDuration:
+ description: |-
+ Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
+ It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
+ rounded to a second precision.
+ type: string
+ timeoutSeconds:
+ description: |-
+ The maximum duration in seconds that the request instance is allowed to respond to a request.
+ This field propagates to the integration pod's terminationGracePeriodSeconds
+
+
+ Refer to the Knative documentation for more information.
+ format: int64
+ type: integer
+ visibility:
+ description: |-
+ Setting `cluster-local`, Knative service becomes a private service.
+ Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - cluster-local
+ type: string
+ type: object
+ logging:
+ description: The configuration of Logging trait
+ properties:
+ color:
+ description: Colorize the log output
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ format:
+ description: Logs message format
+ type: string
+ json:
+ description: Output the logs in JSON
+ type: boolean
+ jsonPrettyPrint:
+ description: Enable "pretty printing" of the JSON logs
+ type: boolean
+ level:
+ description: Adjust the logging level (defaults to `INFO`)
+ enum:
+ - FATAL
+ - WARN
+ - INFO
+ - DEBUG
+ - TRACE
+ type: string
+ type: object
+ master:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ mount:
+ description: The configuration of Mount trait
+ properties:
+ configs:
+ description: |-
+ A list of configuration pointing to configmap/secret.
+ The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
+ They are also made available on the classpath in order to ease their usage directly from the Route.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ emptyDirs:
+ description: 'A list of EmptyDir volumes to be mounted. Syntax:
+ [name:/container/path]'
+ items:
+ type: string
+ type: array
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ hotReload:
+ description: |-
+ Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
+ marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
+ changes in metadata.
+ type: boolean
+ resources:
+ description: |-
+ A list of resources (text or binary content) pointing to configmap/secret.
+ The resources are expected to be any resource type (text or binary content).
+ The destination path can be either a default location or any path specified by the user.
+ Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
+ items:
+ type: string
+ type: array
+ scanKameletsImplicitLabelSecrets:
+ description: |-
+ Deprecated: include your properties in an explicit property file backed by a secret.
+ Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
+ These secrets are mounted to the application and treated as plain properties file with their key/value list
+ (ie .spec.data["camel.my-property"] = my-value) (default `true`).
+ type: boolean
+ volumes:
+ description: 'A list of Persistent Volume Claims to be mounted.
+ Syntax: [pvcname:/container/path]'
+ items:
+ type: string
+ type: array
+ type: object
+ openapi:
+ description: The configuration of OpenAPI trait
+ properties:
+ configmaps:
+ description: The configmaps holding the spec of the OpenAPI
+ (compatible with > 3.0 spec only).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ owner:
+ description: The configuration of Owner trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ targetAnnotations:
+ description: The set of annotations to be transferred
+ items:
+ type: string
+ type: array
+ targetLabels:
+ description: The set of labels to be transferred
+ items:
+ type: string
+ type: array
+ type: object
+ pdb:
+ description: The configuration of PDB trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxUnavailable:
+ description: |-
+ The number of pods for the Integration that can be unavailable after an eviction.
+ It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
+ Only one of `max-unavailable` and `min-available` can be specified.
+ type: string
+ minAvailable:
+ description: |-
+ The number of pods for the Integration that must still be available after an eviction.
+ It can be either an absolute number or a percentage.
+ Only one of `min-available` and `max-unavailable` can be specified.
+ type: string
+ type: object
+ platform:
+ description: The configuration of Platform trait
+ properties:
+ auto:
+ description: |-
+ To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ createDefault:
+ description: |-
+ To create a default (empty) platform when the platform is missing.
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ global:
+ description: |-
+ Indicates if the platform should be created globally in the case of global operator (default true).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ type: object
+ pod:
+ description: The configuration of Pod trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ prometheus:
+ description: The configuration of Prometheus trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ podMonitor:
+ description: Whether a `PodMonitor` resource is created (default
+ `true`).
+ type: boolean
+ podMonitorLabels:
+ description: The `PodMonitor` resource labels, applicable
+ when `pod-monitor` is `true`.
+ items:
+ type: string
+ type: array
+ type: object
+ pull-secret:
+ description: The configuration of Pull Secret trait
+ properties:
+ auto:
+ description: Automatically configures the platform registry
+ secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ imagePullerDelegation:
+ description: When using a global operator with a shared platform,
+ this enables delegation of the `system:image-puller` cluster
+ role on the operator namespace to the integration service
+ account.
+ type: boolean
+ secretName:
+ description: The pull secret name to set on the Pod. If left
+ empty this is automatically taken from the `IntegrationPlatform`
+ registry configuration.
+ type: string
+ type: object
+ quarkus:
+ description: The configuration of Quarkus trait
+ properties:
+ buildMode:
+ description: |-
+ The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
+ In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
+ with the `native` kit having precedence over the `jvm` one once ready.
+ items:
+ description: QuarkusMode is the type of Quarkus build packaging.
+ enum:
+ - jvm
+ - native
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ nativeBaseImage:
+ description: The base image to use when running a native build
+ (default `quay.io/quarkus/quarkus-micro-image:2.0`)
+ type: string
+ nativeBuilderImage:
+ description: The image containing the tooling required for
+ a native build (by default it will use the one provided
+ in the runtime catalog)
+ type: string
+ packageTypes:
+ description: |-
+ The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
+ In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
+ with the native kit having precedence over the `fast-jar` one once ready.
+ The order influences the resolution of the current kit for the integration.
+ The kit corresponding to the first package type will be assigned to the
+ integration in case no existing kit that matches the integration exists.
+ Deprecated: use `build-mode` instead.
+ items:
+ description: |-
+ QuarkusPackageType is the type of Quarkus build packaging.
+ Deprecated: use `QuarkusMode` instead.
+ enum:
+ - fast-jar
+ - native
+ type: string
+ type: array
+ type: object
+ registry:
+ description: |-
+ The configuration of Registry trait (support removed since version 2.5.0).
+ Deprecated: use jvm trait or read documentation.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ route:
+ description: The configuration of Route trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set route specific annotations
+ For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
+ CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the route.
+ type: string
+ tlsCACertificate:
+ description: |-
+ The TLS CA certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCACertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificate:
+ description: |-
+ The TLS certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificate:
+ description: |-
+ The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
+ termination this file should be provided in order to have routers use it for health checks on the secure connection.
+ If this field is not specified, the router may provide its own destination CA and perform hostname validation using
+ the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
+ verify.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificateSecret:
+ description: |-
+ The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsInsecureEdgeTerminationPolicy:
+ description: |-
+ To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - None
+ - Allow
+ - Redirect
+ type: string
+ tlsKey:
+ description: |-
+ The TLS certificate key contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsKeySecret:
+ description: |-
+ The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsTermination:
+ description: |-
+ The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - edge
+ - reencrypt
+ - passthrough
+ type: string
+ type: object
+ security-context:
+ description: The configuration of Security Context trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ type: object
+ service:
+ description: The configuration of Service trait
+ properties:
+ auto:
+ description: To automatically detect from the code if a Service
+ needs to be created.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodePort:
+ description: |-
+ Enable Service to be exposed as NodePort (default `false`).
+ Deprecated: Use service type instead.
+ type: boolean
+ type:
+ description: The type of service to be used, either 'ClusterIP',
+ 'NodePort' or 'LoadBalancer'.
+ enum:
+ - ClusterIP
+ - NodePort
+ - LoadBalancer
+ type: string
+ type: object
+ service-binding:
+ description: The configuration of Service Binding trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ services:
+ description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
+ items:
+ type: string
+ type: array
+ type: object
+ strimzi:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ toleration:
+ description: The configuration of Toleration trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ taints:
+ description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
+ items:
+ type: string
+ type: array
+ type: object
+ tracing:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ version:
+ description: the Camel K operator version controlling this IntegrationPlatform
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: integrationprofiles.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: IntegrationProfile
+ listKind: IntegrationProfileList
+ plural: integrationprofiles
+ shortNames:
+ - ipr
+ singular: integrationprofile
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The integration profile phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The default runtime version
+ jsonPath: .status.build.runtimeVersion
+ name: Default runtime
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior.
+ It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IntegrationProfileSpec applies user defined settings to the
+ IntegrationProfile.
+ properties:
+ build:
+ description: specify how to build the Integration/IntegrationKits
+ properties:
+ baseImage:
+ description: |-
+ a base image that can be used as base layer for all images.
+ It can be useful if you want to provide some custom base image with further utility software
+ type: string
+ maven:
+ description: Maven configuration used to build the Camel/Camel-Quarkus
+ applications
+ properties:
+ caSecrets:
+ description: |-
+ The Secrets name and key, containing the CA certificate(s) used to connect
+ to remote Maven repositories.
+ It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store the CA certificate(s),
+ and configured to be used as a trusted certificate(s) by the Maven commands.
+ Note that the root CA certificates are also imported into the created keystore.
+ items:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ cliOptions:
+ description: |-
+ The CLI options that are appended to the list of arguments for Maven commands,
+ e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: |-
+ The Maven build extensions.
+ See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ profiles:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven profile.
+ items:
+ description: ValueSource --.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ settings:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ settingsSecurity:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the security of the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: object
+ registry:
+ description: the image registry used to push/pull Integration
+ images
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie, http
+ only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ runtimeProvider:
+ description: the runtime used. Likely Camel Quarkus (we used to
+ have main runtime which has been discontinued since version
+ 1.5)
+ type: string
+ runtimeVersion:
+ description: the Camel K Runtime dependency version
+ type: string
+ timeout:
+ description: how much time to wait before time out the pipeline
+ process
+ type: string
+ type: object
+ kamelet:
+ description: configuration to be executed to all Kamelets controlled
+ by this IntegrationProfile
+ properties:
+ repositories:
+ description: remote repository used to retrieve Kamelet catalog
+ items:
+ description: KameletRepositorySpec defines the location of the
+ Kamelet catalog to use.
+ properties:
+ uri:
+ description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
+ type: string
+ type: object
+ type: array
+ type: object
+ traits:
+ description: list of traits to be executed for all the Integration/IntegrationKits
+ built from this IntegrationProfile
+ properties:
+ 3scale:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ addons:
+ additionalProperties:
+ description: AddonTrait represents the configuration of an addon
+ trait.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ description: The extension point with addon traits
+ type: object
+ affinity:
+ description: The configuration of Affinity trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodeAffinityLabels:
+ description: Defines a set of nodes the integration pod(s)
+ are eligible to be scheduled on, based on labels on the
+ node.
+ items:
+ type: string
+ type: array
+ podAffinity:
+ description: Always co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should be co-located with.
+ items:
+ type: string
+ type: array
+ podAntiAffinity:
+ description: Never co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAntiAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should not be co-located with.
+ items:
+ type: string
+ type: array
+ type: object
+ builder:
+ description: The configuration of Builder trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: When using `pod` strategy, annotation to use
+ for the builder pod.
+ type: object
+ baseImage:
+ description: |-
+ Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
+ installed and ready to use on path (ie `/usr/bin/java`).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ incrementalImageBuild:
+ description: Use the incremental image build option, to reuse
+ existing containers (default `true`)
+ type: boolean
+ limitCPU:
+ description: |-
+ When using `pod` strategy, the maximum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ limitMemory:
+ description: |-
+ When using `pod` strategy, the maximum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ mavenProfiles:
+ description: |-
+ A list of references pointing to configmaps/secrets that contains a maven profile.
+ This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
+ The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
+ items:
+ type: string
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: Defines a set of nodes the builder pod is eligible
+ to be scheduled on, based on labels on the node.
+ type: object
+ orderStrategy:
+ description: The build order strategy to use, either `dependencies`,
+ `fifo` or `sequential` (default is the platform default)
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of manifest platforms to use to build
+ a container image (default `linux/amd64`).
+ items:
+ type: string
+ type: array
+ properties:
+ description: A list of properties to be provided to the build
+ task
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: |-
+ When using `pod` strategy, the minimum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ requestMemory:
+ description: |-
+ When using `pod` strategy, the minimum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ strategy:
+ description: The strategy to use, either `pod` or `routine`
+ (default `routine`)
+ enum:
+ - pod
+ - routine
+ type: string
+ tasks:
+ description: A list of tasks to be executed (available only
+ when using `pod` strategy) with format `;;`.
+ items:
+ type: string
+ type: array
+ tasksFilter:
+ description: |-
+ A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
+ Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
+ if you need to execute them. Useful only with `pod` strategy.
+ type: string
+ tasksLimitCPU:
+ description: A list of limit cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksLimitMemory:
+ description: A list of limit memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestCPU:
+ description: A list of request cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestMemory:
+ description: A list of request memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ verbose:
+ description: |-
+ Enable verbose logging on build components that support it (e.g. Kaniko build pod).
+ Deprecated no longer in use
+ type: boolean
+ type: object
+ camel:
+ description: The configuration of Camel trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ properties:
+ description: A list of properties to be provided to the Integration
+ runtime
+ items:
+ type: string
+ type: array
+ runtimeVersion:
+ description: |-
+ The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
+ You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
+ to the best matching Catalog existing on the cluster.
+ type: string
+ type: object
+ container:
+ description: The configuration of Container trait
+ properties:
+ allowPrivilegeEscalation:
+ description: Security Context AllowPrivilegeEscalation configuration
+ (default false).
+ type: boolean
+ auto:
+ description: To automatically enable the trait
+ type: boolean
+ capabilitiesAdd:
+ description: Security Context Capabilities Add configuration
+ (default none).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ capabilitiesDrop:
+ description: Security Context Capabilities Drop configuration
+ (default ALL).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ expose:
+ description: Can be used to enable/disable exposure via kubernetes
+ Service.
+ type: boolean
+ image:
+ description: |-
+ The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
+ won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
+ Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
+ type: string
+ imagePullPolicy:
+ description: 'The pull policy: Always|Never|IfNotPresent'
+ enum:
+ - Always
+ - Never
+ - IfNotPresent
+ type: string
+ limitCPU:
+ description: The maximum amount of CPU to be provided (default
+ 500 millicores).
+ type: string
+ limitMemory:
+ description: The maximum amount of memory to be provided (default
+ 512 Mi).
+ type: string
+ name:
+ description: The main container name. It's named `integration`
+ by default.
+ type: string
+ port:
+ description: To configure a different port exposed by the
+ container (default `8080`).
+ type: integer
+ portName:
+ description: To configure a different port name for the port
+ exposed by the container. It defaults to `http` only when
+ the `expose` parameter is true.
+ type: string
+ requestCPU:
+ description: The minimum amount of CPU required (default 125
+ millicores).
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required (default
+ 128 Mi).
+ type: string
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ servicePort:
+ description: To configure under which service port the container
+ port is to be exposed (default `80`).
+ type: integer
+ servicePortName:
+ description: To configure under which service port name the
+ container port is to be exposed (default `http`).
+ type: string
+ type: object
+ cron:
+ description: The configuration of Cron trait
+ properties:
+ activeDeadlineSeconds:
+ description: |-
+ Specifies the duration in seconds, relative to the start time, that the job
+ may be continuously active before it is considered to be failed.
+ It defaults to 60s.
+ format: int64
+ type: integer
+ auto:
+ description: |-
+ Automatically deploy the integration as CronJob when all routes are
+ either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
+
+
+ It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
+ while `35m` or `50s` cannot).
+ type: boolean
+ backoffLimit:
+ description: |-
+ Specifies the number of retries before marking the job failed.
+ It defaults to 2.
+ format: int32
+ type: integer
+ components:
+ description: |-
+ A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
+ A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
+ activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
+
+
+ Supported components are currently: `cron`, `timer` and `quartz`.
+ type: string
+ concurrencyPolicy:
+ description: |-
+ Specifies how to treat concurrent executions of a Job.
+ Valid values are:
+ - "Allow": allows CronJobs to run concurrently;
+ - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
+ - "Replace": cancels currently running job and replaces it with a new one
+ enum:
+ - Allow
+ - Forbid
+ - Replace
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ fallback:
+ description: |-
+ Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
+ as Kubernetes CronJob.
+ type: boolean
+ schedule:
+ description: |-
+ The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
+ mechanism to work correctly.
+ type: string
+ startingDeadlineSeconds:
+ description: |-
+ Optional deadline in seconds for starting the job if it misses scheduled
+ time for any reason. Missed jobs executions will be counted as failed ones.
+ format: int64
+ type: integer
+ timeZone:
+ description: The timezone that the CronJob will run on
+ type: string
+ type: object
+ dependencies:
+ description: The configuration of Dependencies trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ deployer:
+ description: The configuration of Deployer trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ kind:
+ description: Allows to explicitly select the desired deployment
+ kind between `deployment`, `cron-job` or `knative-service`
+ when creating the resources for running the integration.
+ enum:
+ - deployment
+ - cron-job
+ - knative-service
+ type: string
+ useSSA:
+ description: |-
+ Use server-side apply to update the owned resources (default `true`).
+ Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
+ type: boolean
+ type: object
+ deployment:
+ description: The configuration of Deployment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ progressDeadlineSeconds:
+ description: |-
+ The maximum time in seconds for the deployment to make progress before it
+ is considered to be failed. It defaults to `60s`.
+ format: int32
+ type: integer
+ rollingUpdateMaxSurge:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be scheduled above the desired number of
+ pods.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ This can not be 0 if MaxUnavailable is 0.
+ Absolute number is calculated from percentage by rounding up.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ rollingUpdateMaxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be unavailable during the update.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ Absolute number is calculated from percentage by rounding down.
+ This can not be 0 if MaxSurge is 0.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ strategy:
+ description: The deployment strategy to use to replace existing
+ pods with new ones.
+ enum:
+ - Recreate
+ - RollingUpdate
+ type: string
+ type: object
+ environment:
+ description: The configuration of Environment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ containerMeta:
+ description: Enables injection of `NAMESPACE` and `POD_NAME`
+ environment variables (default `true`)
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ httpProxy:
+ description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
+ `NO_PROXY` environment variables (default `true`)
+ type: boolean
+ vars:
+ description: |-
+ A list of environment variables to be added to the integration container.
+ The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
+ These take precedence over the previously defined environment variables.
+ items:
+ type: string
+ type: array
+ type: object
+ error-handler:
+ description: The configuration of Error Handler trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ ref:
+ description: The error handler ref name provided or found
+ in application properties
+ type: string
+ type: object
+ gc:
+ description: The configuration of GC trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryCache:
+ description: |-
+ Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
+ Deprecated: to be removed from trait configuration.
+ enum:
+ - disabled
+ - disk
+ - memory
+ type: string
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ health:
+ description: The configuration of Health trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ livenessFailureThreshold:
+ description: Minimum consecutive failures for the liveness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ livenessInitialDelay:
+ description: Number of seconds after the container has started
+ before the liveness probe is initiated.
+ format: int32
+ type: integer
+ livenessPeriod:
+ description: How often to perform the liveness probe.
+ format: int32
+ type: integer
+ livenessProbe:
+ description: The liveness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ livenessProbeEnabled:
+ description: Configures the liveness probe for the integration
+ container (default `false`).
+ type: boolean
+ livenessScheme:
+ description: Scheme to use when connecting to the liveness
+ probe (default `HTTP`).
+ type: string
+ livenessSuccessThreshold:
+ description: Minimum consecutive successes for the liveness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ livenessTimeout:
+ description: Number of seconds after which the liveness probe
+ times out.
+ format: int32
+ type: integer
+ readinessFailureThreshold:
+ description: Minimum consecutive failures for the readiness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ readinessInitialDelay:
+ description: Number of seconds after the container has started
+ before the readiness probe is initiated.
+ format: int32
+ type: integer
+ readinessPeriod:
+ description: How often to perform the readiness probe.
+ format: int32
+ type: integer
+ readinessProbe:
+ description: The readiness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ readinessProbeEnabled:
+ description: Configures the readiness probe for the integration
+ container (default `true`).
+ type: boolean
+ readinessScheme:
+ description: Scheme to use when connecting to the readiness
+ probe (default `HTTP`).
+ type: string
+ readinessSuccessThreshold:
+ description: Minimum consecutive successes for the readiness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ readinessTimeout:
+ description: Number of seconds after which the readiness probe
+ times out.
+ format: int32
+ type: integer
+ startupFailureThreshold:
+ description: Minimum consecutive failures for the startup
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ startupInitialDelay:
+ description: Number of seconds after the container has started
+ before the startup probe is initiated.
+ format: int32
+ type: integer
+ startupPeriod:
+ description: How often to perform the startup probe.
+ format: int32
+ type: integer
+ startupProbe:
+ description: The startup probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ startupProbeEnabled:
+ description: Configures the startup probe for the integration
+ container (default `false`).
+ type: boolean
+ startupScheme:
+ description: Scheme to use when connecting to the startup
+ probe (default `HTTP`).
+ type: string
+ startupSuccessThreshold:
+ description: Minimum consecutive successes for the startup
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ startupTimeout:
+ description: Number of seconds after which the startup probe
+ times out.
+ format: int32
+ type: integer
+ type: object
+ ingress:
+ description: The configuration of Ingress trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to the ingress.
+ This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
+ See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ type: object
+ auto:
+ description: To automatically add an ingress whenever the
+ integration uses an HTTP endpoint consumer.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the ingress.
+ type: string
+ path:
+ description: To configure the path exposed by the ingress
+ (default `/`).
+ type: string
+ pathType:
+ description: |-
+ To configure the path type exposed by the ingress.
+ One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
+ enum:
+ - Exact
+ - Prefix
+ - ImplementationSpecific
+ type: string
+ tlsHosts:
+ description: To configure tls hosts
+ items:
+ type: string
+ type: array
+ tlsSecretName:
+ description: To configure tls secret name
+ type: string
+ type: object
+ istio:
+ description: The configuration of Istio trait
+ properties:
+ allow:
+ description: Configures a (comma-separated) list of CIDR subnets
+ that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
+ by default).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ inject:
+ description: Forces the value for labels `sidecar.istio.io/inject`.
+ By default the label is set to `true` on deployment and
+ not set on Knative Service.
+ type: boolean
+ type: object
+ jolokia:
+ description: The configuration of Jolokia trait
+ properties:
+ CACert:
+ description: |-
+ The PEM encoded CA certification file path, used to verify client certificates,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
+ type: string
+ clientPrincipal:
+ description: |-
+ The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryEnabled:
+ description: Listen for multicast requests (default `false`)
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ extendedClientCheck:
+ description: |-
+ Mandate the client certificate contains a client flag in the extended key usage section,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `true` for OpenShift).
+ type: boolean
+ host:
+ description: |-
+ The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
+ the servers binds to every network interface (default `"*"`).
+ type: string
+ options:
+ description: |-
+ A list of additional Jolokia options as defined
+ in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
+ items:
+ type: string
+ type: array
+ password:
+ description: The password used for authentication, applicable
+ when the `user` option is set.
+ type: string
+ port:
+ description: The Jolokia endpoint port (default `8778`).
+ type: integer
+ protocol:
+ description: The protocol to use, either `http` or `https`
+ (default `https` for OpenShift)
+ type: string
+ useSSLClientAuthentication:
+ description: Whether client certificates should be used for
+ authentication (default `true` for OpenShift).
+ type: boolean
+ user:
+ description: The user to be used for authentication
+ type: string
+ type: object
+ jvm:
+ description: The configuration of JVM trait
+ properties:
+ classpath:
+ description: Additional JVM classpath (use `Linux` classpath
+ separator)
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ debug:
+ description: Activates remote debugging, so that a debugger
+ can be attached to the JVM, e.g., using port-forwarding
+ type: boolean
+ debugAddress:
+ description: Transport address at which to listen for the
+ newly launched JVM (default `*:5005`)
+ type: string
+ debugSuspend:
+ description: Suspends the target JVM immediately before the
+ main class is loaded
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ jar:
+ description: The Jar dependency which will run the application.
+ Leave it empty for managed Integrations.
+ type: string
+ options:
+ description: A list of JVM options
+ items:
+ type: string
+ type: array
+ printCommand:
+ description: |-
+ Prints the command used the start the JVM in the container logs (default `true`)
+ Deprecated: no longer in use.
+ type: boolean
+ type: object
+ kamelets:
+ description: The configuration of Kamelets trait
+ properties:
+ auto:
+ description: Automatically inject all referenced Kamelets
+ and their default configuration (enabled by default)
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ list:
+ description: Comma separated list of Kamelet names to load
+ into the current integration
+ type: string
+ mountPoint:
+ description: The directory where the application mounts and
+ reads Kamelet spec (default `/etc/camel/kamelets`)
+ type: string
+ type: object
+ keda:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ knative:
+ description: The configuration of Knative trait
+ properties:
+ auto:
+ description: Enable automatic discovery of all trait properties.
+ type: boolean
+ channelSinks:
+ description: |-
+ List of channels used as destination of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ channelSources:
+ description: |-
+ List of channels used as source of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ config:
+ description: Can be used to inject a Knative complete configuration
+ in JSON format.
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ endpointSinks:
+ description: |-
+ List of endpoints used as destination of integration routes.
+ Can contain simple endpoint names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ endpointSources:
+ description: List of channels used as source of integration
+ routes.
+ items:
+ type: string
+ type: array
+ eventSinks:
+ description: |-
+ List of event types that the integration will produce.
+ Can contain simple event types or full Camel URIs (to use a specific broker).
+ items:
+ type: string
+ type: array
+ eventSources:
+ description: |-
+ List of event types that the integration will be subscribed to.
+ Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
+ items:
+ type: string
+ type: array
+ filterEventType:
+ description: |-
+ Enables the default filtering for the Knative trigger using the event type
+ If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
+ type: boolean
+ filterSourceChannels:
+ description: |-
+ Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
+ Knative, filtering is disabled by default.
+ type: boolean
+ filters:
+ description: |-
+ Sets filter attributes on the event stream (such as event type, source, subject and so on).
+ A list of key-value pairs that represent filter attributes and its values.
+ The syntax is KEY=VALUE, e.g., `source="my.source"`.
+ Filter attributes get set on the Knative trigger that is being created as part of this integration.
+ items:
+ type: string
+ type: array
+ namespaceLabel:
+ description: |-
+ Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
+ As Knative requires this label to perform injection of K_SINK URL into the service.
+ If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
+ type: boolean
+ sinkBinding:
+ description: |-
+ Allows binding the integration to a sink via a Knative SinkBinding resource.
+ This can be used when the integration targets a single sink.
+ It's enabled by default when the integration targets a single sink
+ (except when the integration is owned by a Knative source).
+ type: boolean
+ type: object
+ knative-service:
+ description: The configuration of Knative Service trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set knative service specific annotations
+ CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ auto:
+ description: |-
+ Automatically deploy the integration as Knative service when all conditions hold:
+
+
+ * Integration is using the Knative profile
+ * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
+ type: boolean
+ autoscalingMetric:
+ description: |-
+ Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ type: string
+ autoscalingTarget:
+ description: |-
+ Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ class:
+ description: |-
+ Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - kpa.autoscaling.knative.dev
+ - hpa.autoscaling.knative.dev
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxScale:
+ description: |-
+ An upper bound for the number of Pods that can be running in parallel for the integration.
+ Knative has its own cap value that depends on the installation.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ minScale:
+ description: |-
+ The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
+ the integration is scaled down to zero when not used for a configured amount of time.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ rolloutDuration:
+ description: |-
+ Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
+ It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
+ rounded to a second precision.
+ type: string
+ timeoutSeconds:
+ description: |-
+ The maximum duration in seconds that the request instance is allowed to respond to a request.
+ This field propagates to the integration pod's terminationGracePeriodSeconds
+
+
+ Refer to the Knative documentation for more information.
+ format: int64
+ type: integer
+ visibility:
+ description: |-
+ Setting `cluster-local`, Knative service becomes a private service.
+ Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - cluster-local
+ type: string
+ type: object
+ logging:
+ description: The configuration of Logging trait
+ properties:
+ color:
+ description: Colorize the log output
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ format:
+ description: Logs message format
+ type: string
+ json:
+ description: Output the logs in JSON
+ type: boolean
+ jsonPrettyPrint:
+ description: Enable "pretty printing" of the JSON logs
+ type: boolean
+ level:
+ description: Adjust the logging level (defaults to `INFO`)
+ enum:
+ - FATAL
+ - WARN
+ - INFO
+ - DEBUG
+ - TRACE
+ type: string
+ type: object
+ master:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ mount:
+ description: The configuration of Mount trait
+ properties:
+ configs:
+ description: |-
+ A list of configuration pointing to configmap/secret.
+ The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
+ They are also made available on the classpath in order to ease their usage directly from the Route.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ emptyDirs:
+ description: 'A list of EmptyDir volumes to be mounted. Syntax:
+ [name:/container/path]'
+ items:
+ type: string
+ type: array
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ hotReload:
+ description: |-
+ Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
+ marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
+ changes in metadata.
+ type: boolean
+ resources:
+ description: |-
+ A list of resources (text or binary content) pointing to configmap/secret.
+ The resources are expected to be any resource type (text or binary content).
+ The destination path can be either a default location or any path specified by the user.
+ Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
+ items:
+ type: string
+ type: array
+ scanKameletsImplicitLabelSecrets:
+ description: |-
+ Deprecated: include your properties in an explicit property file backed by a secret.
+ Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
+ These secrets are mounted to the application and treated as plain properties file with their key/value list
+ (ie .spec.data["camel.my-property"] = my-value) (default `true`).
+ type: boolean
+ volumes:
+ description: 'A list of Persistent Volume Claims to be mounted.
+ Syntax: [pvcname:/container/path]'
+ items:
+ type: string
+ type: array
+ type: object
+ openapi:
+ description: The configuration of OpenAPI trait
+ properties:
+ configmaps:
+ description: The configmaps holding the spec of the OpenAPI
+ (compatible with > 3.0 spec only).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ owner:
+ description: The configuration of Owner trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ targetAnnotations:
+ description: The set of annotations to be transferred
+ items:
+ type: string
+ type: array
+ targetLabels:
+ description: The set of labels to be transferred
+ items:
+ type: string
+ type: array
+ type: object
+ pdb:
+ description: The configuration of PDB trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxUnavailable:
+ description: |-
+ The number of pods for the Integration that can be unavailable after an eviction.
+ It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
+ Only one of `max-unavailable` and `min-available` can be specified.
+ type: string
+ minAvailable:
+ description: |-
+ The number of pods for the Integration that must still be available after an eviction.
+ It can be either an absolute number or a percentage.
+ Only one of `min-available` and `max-unavailable` can be specified.
+ type: string
+ type: object
+ platform:
+ description: The configuration of Platform trait
+ properties:
+ auto:
+ description: |-
+ To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ createDefault:
+ description: |-
+ To create a default (empty) platform when the platform is missing.
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ global:
+ description: |-
+ Indicates if the platform should be created globally in the case of global operator (default true).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ type: object
+ pod:
+ description: The configuration of Pod trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ prometheus:
+ description: The configuration of Prometheus trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ podMonitor:
+ description: Whether a `PodMonitor` resource is created (default
+ `true`).
+ type: boolean
+ podMonitorLabels:
+ description: The `PodMonitor` resource labels, applicable
+ when `pod-monitor` is `true`.
+ items:
+ type: string
+ type: array
+ type: object
+ pull-secret:
+ description: The configuration of Pull Secret trait
+ properties:
+ auto:
+ description: Automatically configures the platform registry
+ secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ imagePullerDelegation:
+ description: When using a global operator with a shared platform,
+ this enables delegation of the `system:image-puller` cluster
+ role on the operator namespace to the integration service
+ account.
+ type: boolean
+ secretName:
+ description: The pull secret name to set on the Pod. If left
+ empty this is automatically taken from the `IntegrationPlatform`
+ registry configuration.
+ type: string
+ type: object
+ quarkus:
+ description: The configuration of Quarkus trait
+ properties:
+ buildMode:
+ description: |-
+ The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
+ In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
+ with the `native` kit having precedence over the `jvm` one once ready.
+ items:
+ description: QuarkusMode is the type of Quarkus build packaging.
+ enum:
+ - jvm
+ - native
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ nativeBaseImage:
+ description: The base image to use when running a native build
+ (default `quay.io/quarkus/quarkus-micro-image:2.0`)
+ type: string
+ nativeBuilderImage:
+ description: The image containing the tooling required for
+ a native build (by default it will use the one provided
+ in the runtime catalog)
+ type: string
+ packageTypes:
+ description: |-
+ The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
+ In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
+ with the native kit having precedence over the `fast-jar` one once ready.
+ The order influences the resolution of the current kit for the integration.
+ The kit corresponding to the first package type will be assigned to the
+ integration in case no existing kit that matches the integration exists.
+ Deprecated: use `build-mode` instead.
+ items:
+ description: |-
+ QuarkusPackageType is the type of Quarkus build packaging.
+ Deprecated: use `QuarkusMode` instead.
+ enum:
+ - fast-jar
+ - native
+ type: string
+ type: array
+ type: object
+ registry:
+ description: |-
+ The configuration of Registry trait (support removed since version 2.5.0).
+ Deprecated: use jvm trait or read documentation.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ route:
+ description: The configuration of Route trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set route specific annotations
+ For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
+ CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the route.
+ type: string
+ tlsCACertificate:
+ description: |-
+ The TLS CA certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCACertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificate:
+ description: |-
+ The TLS certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificate:
+ description: |-
+ The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
+ termination this file should be provided in order to have routers use it for health checks on the secure connection.
+ If this field is not specified, the router may provide its own destination CA and perform hostname validation using
+ the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
+ verify.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificateSecret:
+ description: |-
+ The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsInsecureEdgeTerminationPolicy:
+ description: |-
+ To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - None
+ - Allow
+ - Redirect
+ type: string
+ tlsKey:
+ description: |-
+ The TLS certificate key contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsKeySecret:
+ description: |-
+ The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsTermination:
+ description: |-
+ The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - edge
+ - reencrypt
+ - passthrough
+ type: string
+ type: object
+ security-context:
+ description: The configuration of Security Context trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ type: object
+ service:
+ description: The configuration of Service trait
+ properties:
+ auto:
+ description: To automatically detect from the code if a Service
+ needs to be created.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodePort:
+ description: |-
+ Enable Service to be exposed as NodePort (default `false`).
+ Deprecated: Use service type instead.
+ type: boolean
+ type:
+ description: The type of service to be used, either 'ClusterIP',
+ 'NodePort' or 'LoadBalancer'.
+ enum:
+ - ClusterIP
+ - NodePort
+ - LoadBalancer
+ type: string
+ type: object
+ service-binding:
+ description: The configuration of Service Binding trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ services:
+ description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
+ items:
+ type: string
+ type: array
+ type: object
+ strimzi:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ toleration:
+ description: The configuration of Toleration trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ taints:
+ description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
+ items:
+ type: string
+ type: array
+ type: object
+ tracing:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ status:
+ description: IntegrationProfileStatus defines the observed state of IntegrationProfile.
+ properties:
+ build:
+ description: specify how to build the Integration/IntegrationKits
+ properties:
+ baseImage:
+ description: |-
+ a base image that can be used as base layer for all images.
+ It can be useful if you want to provide some custom base image with further utility software
+ type: string
+ maven:
+ description: Maven configuration used to build the Camel/Camel-Quarkus
+ applications
+ properties:
+ caSecrets:
+ description: |-
+ The Secrets name and key, containing the CA certificate(s) used to connect
+ to remote Maven repositories.
+ It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store the CA certificate(s),
+ and configured to be used as a trusted certificate(s) by the Maven commands.
+ Note that the root CA certificates are also imported into the created keystore.
+ items:
+ description: SecretKeySelector selects a key of a Secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ cliOptions:
+ description: |-
+ The CLI options that are appended to the list of arguments for Maven commands,
+ e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
+ See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
+ items:
+ type: string
+ type: array
+ extension:
+ description: |-
+ The Maven build extensions.
+ See https://maven.apache.org/guides/mini/guide-using-extensions.html.
+ items:
+ description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
+ Maven artifact.
+ properties:
+ artifactId:
+ description: Maven Artifact
+ type: string
+ classifier:
+ description: Maven Classifier
+ type: string
+ groupId:
+ description: Maven Group
+ type: string
+ type:
+ description: Maven Type
+ type: string
+ version:
+ description: Maven Version
+ type: string
+ required:
+ - artifactId
+ - groupId
+ type: object
+ type: array
+ localRepository:
+ description: The path of the local Maven repository.
+ type: string
+ profiles:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven profile.
+ items:
+ description: ValueSource --.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ properties:
+ additionalProperties:
+ type: string
+ description: The Maven properties.
+ type: object
+ settings:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ settingsSecurity:
+ description: |-
+ A reference to the ConfigMap or Secret key that contains
+ the security of the Maven settings.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: object
+ registry:
+ description: the image registry used to push/pull Integration
+ images
+ properties:
+ address:
+ description: the URI to access
+ type: string
+ ca:
+ description: the configmap which stores the Certificate Authority
+ type: string
+ insecure:
+ description: if the container registry is insecure (ie, http
+ only)
+ type: boolean
+ organization:
+ description: the registry organization
+ type: string
+ secret:
+ description: the secret where credentials are stored
+ type: string
+ type: object
+ runtimeProvider:
+ description: the runtime used. Likely Camel Quarkus (we used to
+ have main runtime which has been discontinued since version
+ 1.5)
+ type: string
+ runtimeVersion:
+ description: the Camel K Runtime dependency version
+ type: string
+ timeout:
+ description: how much time to wait before time out the pipeline
+ process
+ type: string
+ type: object
+ conditions:
+ description: which are the conditions met (particularly useful when
+ in ERROR phase)
+ items:
+ description: IntegrationProfileCondition describes the state of
+ a resource at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ kamelet:
+ description: configuration to be executed to all Kamelets controlled
+ by this IntegrationProfile
+ properties:
+ repositories:
+ description: remote repository used to retrieve Kamelet catalog
+ items:
+ description: KameletRepositorySpec defines the location of the
+ Kamelet catalog to use.
+ properties:
+ uri:
+ description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
+ type: string
+ type: object
+ type: array
+ type: object
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this IntegrationProfile.
+ format: int64
+ type: integer
+ phase:
+ description: defines in what phase the IntegrationProfile is found
+ type: string
+ traits:
+ description: list of traits to be executed for all the Integration/IntegrationKits
+ built from this IntegrationProfile
+ properties:
+ 3scale:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ addons:
+ additionalProperties:
+ description: AddonTrait represents the configuration of an addon
+ trait.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ description: The extension point with addon traits
+ type: object
+ affinity:
+ description: The configuration of Affinity trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodeAffinityLabels:
+ description: Defines a set of nodes the integration pod(s)
+ are eligible to be scheduled on, based on labels on the
+ node.
+ items:
+ type: string
+ type: array
+ podAffinity:
+ description: Always co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should be co-located with.
+ items:
+ type: string
+ type: array
+ podAntiAffinity:
+ description: Never co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAntiAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should not be co-located with.
+ items:
+ type: string
+ type: array
+ type: object
+ builder:
+ description: The configuration of Builder trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: When using `pod` strategy, annotation to use
+ for the builder pod.
+ type: object
+ baseImage:
+ description: |-
+ Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
+ installed and ready to use on path (ie `/usr/bin/java`).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ incrementalImageBuild:
+ description: Use the incremental image build option, to reuse
+ existing containers (default `true`)
+ type: boolean
+ limitCPU:
+ description: |-
+ When using `pod` strategy, the maximum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ limitMemory:
+ description: |-
+ When using `pod` strategy, the maximum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ mavenProfiles:
+ description: |-
+ A list of references pointing to configmaps/secrets that contains a maven profile.
+ This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
+ The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
+ items:
+ type: string
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: Defines a set of nodes the builder pod is eligible
+ to be scheduled on, based on labels on the node.
+ type: object
+ orderStrategy:
+ description: The build order strategy to use, either `dependencies`,
+ `fifo` or `sequential` (default is the platform default)
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of manifest platforms to use to build
+ a container image (default `linux/amd64`).
+ items:
+ type: string
+ type: array
+ properties:
+ description: A list of properties to be provided to the build
+ task
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: |-
+ When using `pod` strategy, the minimum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ requestMemory:
+ description: |-
+ When using `pod` strategy, the minimum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ strategy:
+ description: The strategy to use, either `pod` or `routine`
+ (default `routine`)
+ enum:
+ - pod
+ - routine
+ type: string
+ tasks:
+ description: A list of tasks to be executed (available only
+ when using `pod` strategy) with format `;;`.
+ items:
+ type: string
+ type: array
+ tasksFilter:
+ description: |-
+ A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
+ Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
+ if you need to execute them. Useful only with `pod` strategy.
+ type: string
+ tasksLimitCPU:
+ description: A list of limit cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksLimitMemory:
+ description: A list of limit memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestCPU:
+ description: A list of request cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestMemory:
+ description: A list of request memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ verbose:
+ description: |-
+ Enable verbose logging on build components that support it (e.g. Kaniko build pod).
+ Deprecated no longer in use
+ type: boolean
+ type: object
+ camel:
+ description: The configuration of Camel trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ properties:
+ description: A list of properties to be provided to the Integration
+ runtime
+ items:
+ type: string
+ type: array
+ runtimeVersion:
+ description: |-
+ The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
+ You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
+ to the best matching Catalog existing on the cluster.
+ type: string
+ type: object
+ container:
+ description: The configuration of Container trait
+ properties:
+ allowPrivilegeEscalation:
+ description: Security Context AllowPrivilegeEscalation configuration
+ (default false).
+ type: boolean
+ auto:
+ description: To automatically enable the trait
+ type: boolean
+ capabilitiesAdd:
+ description: Security Context Capabilities Add configuration
+ (default none).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ capabilitiesDrop:
+ description: Security Context Capabilities Drop configuration
+ (default ALL).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ expose:
+ description: Can be used to enable/disable exposure via kubernetes
+ Service.
+ type: boolean
+ image:
+ description: |-
+ The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
+ won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
+ Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
+ type: string
+ imagePullPolicy:
+ description: 'The pull policy: Always|Never|IfNotPresent'
+ enum:
+ - Always
+ - Never
+ - IfNotPresent
+ type: string
+ limitCPU:
+ description: The maximum amount of CPU to be provided (default
+ 500 millicores).
+ type: string
+ limitMemory:
+ description: The maximum amount of memory to be provided (default
+ 512 Mi).
+ type: string
+ name:
+ description: The main container name. It's named `integration`
+ by default.
+ type: string
+ port:
+ description: To configure a different port exposed by the
+ container (default `8080`).
+ type: integer
+ portName:
+ description: To configure a different port name for the port
+ exposed by the container. It defaults to `http` only when
+ the `expose` parameter is true.
+ type: string
+ requestCPU:
+ description: The minimum amount of CPU required (default 125
+ millicores).
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required (default
+ 128 Mi).
+ type: string
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ servicePort:
+ description: To configure under which service port the container
+ port is to be exposed (default `80`).
+ type: integer
+ servicePortName:
+ description: To configure under which service port name the
+ container port is to be exposed (default `http`).
+ type: string
+ type: object
+ cron:
+ description: The configuration of Cron trait
+ properties:
+ activeDeadlineSeconds:
+ description: |-
+ Specifies the duration in seconds, relative to the start time, that the job
+ may be continuously active before it is considered to be failed.
+ It defaults to 60s.
+ format: int64
+ type: integer
+ auto:
+ description: |-
+ Automatically deploy the integration as CronJob when all routes are
+ either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
+
+
+ It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
+ while `35m` or `50s` cannot).
+ type: boolean
+ backoffLimit:
+ description: |-
+ Specifies the number of retries before marking the job failed.
+ It defaults to 2.
+ format: int32
+ type: integer
+ components:
+ description: |-
+ A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
+ A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
+ activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
+
+
+ Supported components are currently: `cron`, `timer` and `quartz`.
+ type: string
+ concurrencyPolicy:
+ description: |-
+ Specifies how to treat concurrent executions of a Job.
+ Valid values are:
+ - "Allow": allows CronJobs to run concurrently;
+ - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
+ - "Replace": cancels currently running job and replaces it with a new one
+ enum:
+ - Allow
+ - Forbid
+ - Replace
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ fallback:
+ description: |-
+ Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
+ as Kubernetes CronJob.
+ type: boolean
+ schedule:
+ description: |-
+ The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
+ mechanism to work correctly.
+ type: string
+ startingDeadlineSeconds:
+ description: |-
+ Optional deadline in seconds for starting the job if it misses scheduled
+ time for any reason. Missed jobs executions will be counted as failed ones.
+ format: int64
+ type: integer
+ timeZone:
+ description: The timezone that the CronJob will run on
+ type: string
+ type: object
+ dependencies:
+ description: The configuration of Dependencies trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ deployer:
+ description: The configuration of Deployer trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ kind:
+ description: Allows to explicitly select the desired deployment
+ kind between `deployment`, `cron-job` or `knative-service`
+ when creating the resources for running the integration.
+ enum:
+ - deployment
+ - cron-job
+ - knative-service
+ type: string
+ useSSA:
+ description: |-
+ Use server-side apply to update the owned resources (default `true`).
+ Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
+ type: boolean
+ type: object
+ deployment:
+ description: The configuration of Deployment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ progressDeadlineSeconds:
+ description: |-
+ The maximum time in seconds for the deployment to make progress before it
+ is considered to be failed. It defaults to `60s`.
+ format: int32
+ type: integer
+ rollingUpdateMaxSurge:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be scheduled above the desired number of
+ pods.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ This can not be 0 if MaxUnavailable is 0.
+ Absolute number is calculated from percentage by rounding up.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ rollingUpdateMaxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be unavailable during the update.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ Absolute number is calculated from percentage by rounding down.
+ This can not be 0 if MaxSurge is 0.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ strategy:
+ description: The deployment strategy to use to replace existing
+ pods with new ones.
+ enum:
+ - Recreate
+ - RollingUpdate
+ type: string
+ type: object
+ environment:
+ description: The configuration of Environment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ containerMeta:
+ description: Enables injection of `NAMESPACE` and `POD_NAME`
+ environment variables (default `true`)
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ httpProxy:
+ description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
+ `NO_PROXY` environment variables (default `true`)
+ type: boolean
+ vars:
+ description: |-
+ A list of environment variables to be added to the integration container.
+ The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
+ These take precedence over the previously defined environment variables.
+ items:
+ type: string
+ type: array
+ type: object
+ error-handler:
+ description: The configuration of Error Handler trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ ref:
+ description: The error handler ref name provided or found
+ in application properties
+ type: string
+ type: object
+ gc:
+ description: The configuration of GC trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryCache:
+ description: |-
+ Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
+ Deprecated: to be removed from trait configuration.
+ enum:
+ - disabled
+ - disk
+ - memory
+ type: string
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ health:
+ description: The configuration of Health trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ livenessFailureThreshold:
+ description: Minimum consecutive failures for the liveness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ livenessInitialDelay:
+ description: Number of seconds after the container has started
+ before the liveness probe is initiated.
+ format: int32
+ type: integer
+ livenessPeriod:
+ description: How often to perform the liveness probe.
+ format: int32
+ type: integer
+ livenessProbe:
+ description: The liveness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ livenessProbeEnabled:
+ description: Configures the liveness probe for the integration
+ container (default `false`).
+ type: boolean
+ livenessScheme:
+ description: Scheme to use when connecting to the liveness
+ probe (default `HTTP`).
+ type: string
+ livenessSuccessThreshold:
+ description: Minimum consecutive successes for the liveness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ livenessTimeout:
+ description: Number of seconds after which the liveness probe
+ times out.
+ format: int32
+ type: integer
+ readinessFailureThreshold:
+ description: Minimum consecutive failures for the readiness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ readinessInitialDelay:
+ description: Number of seconds after the container has started
+ before the readiness probe is initiated.
+ format: int32
+ type: integer
+ readinessPeriod:
+ description: How often to perform the readiness probe.
+ format: int32
+ type: integer
+ readinessProbe:
+ description: The readiness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ readinessProbeEnabled:
+ description: Configures the readiness probe for the integration
+ container (default `true`).
+ type: boolean
+ readinessScheme:
+ description: Scheme to use when connecting to the readiness
+ probe (default `HTTP`).
+ type: string
+ readinessSuccessThreshold:
+ description: Minimum consecutive successes for the readiness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ readinessTimeout:
+ description: Number of seconds after which the readiness probe
+ times out.
+ format: int32
+ type: integer
+ startupFailureThreshold:
+ description: Minimum consecutive failures for the startup
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ startupInitialDelay:
+ description: Number of seconds after the container has started
+ before the startup probe is initiated.
+ format: int32
+ type: integer
+ startupPeriod:
+ description: How often to perform the startup probe.
+ format: int32
+ type: integer
+ startupProbe:
+ description: The startup probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ startupProbeEnabled:
+ description: Configures the startup probe for the integration
+ container (default `false`).
+ type: boolean
+ startupScheme:
+ description: Scheme to use when connecting to the startup
+ probe (default `HTTP`).
+ type: string
+ startupSuccessThreshold:
+ description: Minimum consecutive successes for the startup
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ startupTimeout:
+ description: Number of seconds after which the startup probe
+ times out.
+ format: int32
+ type: integer
+ type: object
+ ingress:
+ description: The configuration of Ingress trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to the ingress.
+ This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
+ See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ type: object
+ auto:
+ description: To automatically add an ingress whenever the
+ integration uses an HTTP endpoint consumer.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the ingress.
+ type: string
+ path:
+ description: To configure the path exposed by the ingress
+ (default `/`).
+ type: string
+ pathType:
+ description: |-
+ To configure the path type exposed by the ingress.
+ One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
+ enum:
+ - Exact
+ - Prefix
+ - ImplementationSpecific
+ type: string
+ tlsHosts:
+ description: To configure tls hosts
+ items:
+ type: string
+ type: array
+ tlsSecretName:
+ description: To configure tls secret name
+ type: string
+ type: object
+ istio:
+ description: The configuration of Istio trait
+ properties:
+ allow:
+ description: Configures a (comma-separated) list of CIDR subnets
+ that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
+ by default).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ inject:
+ description: Forces the value for labels `sidecar.istio.io/inject`.
+ By default the label is set to `true` on deployment and
+ not set on Knative Service.
+ type: boolean
+ type: object
+ jolokia:
+ description: The configuration of Jolokia trait
+ properties:
+ CACert:
+ description: |-
+ The PEM encoded CA certification file path, used to verify client certificates,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
+ type: string
+ clientPrincipal:
+ description: |-
+ The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryEnabled:
+ description: Listen for multicast requests (default `false`)
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ extendedClientCheck:
+ description: |-
+ Mandate the client certificate contains a client flag in the extended key usage section,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `true` for OpenShift).
+ type: boolean
+ host:
+ description: |-
+ The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
+ the servers binds to every network interface (default `"*"`).
+ type: string
+ options:
+ description: |-
+ A list of additional Jolokia options as defined
+ in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
+ items:
+ type: string
+ type: array
+ password:
+ description: The password used for authentication, applicable
+ when the `user` option is set.
+ type: string
+ port:
+ description: The Jolokia endpoint port (default `8778`).
+ type: integer
+ protocol:
+ description: The protocol to use, either `http` or `https`
+ (default `https` for OpenShift)
+ type: string
+ useSSLClientAuthentication:
+ description: Whether client certificates should be used for
+ authentication (default `true` for OpenShift).
+ type: boolean
+ user:
+ description: The user to be used for authentication
+ type: string
+ type: object
+ jvm:
+ description: The configuration of JVM trait
+ properties:
+ classpath:
+ description: Additional JVM classpath (use `Linux` classpath
+ separator)
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ debug:
+ description: Activates remote debugging, so that a debugger
+ can be attached to the JVM, e.g., using port-forwarding
+ type: boolean
+ debugAddress:
+ description: Transport address at which to listen for the
+ newly launched JVM (default `*:5005`)
+ type: string
+ debugSuspend:
+ description: Suspends the target JVM immediately before the
+ main class is loaded
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ jar:
+ description: The Jar dependency which will run the application.
+ Leave it empty for managed Integrations.
+ type: string
+ options:
+ description: A list of JVM options
+ items:
+ type: string
+ type: array
+ printCommand:
+ description: |-
+ Prints the command used the start the JVM in the container logs (default `true`)
+ Deprecated: no longer in use.
+ type: boolean
+ type: object
+ kamelets:
+ description: The configuration of Kamelets trait
+ properties:
+ auto:
+ description: Automatically inject all referenced Kamelets
+ and their default configuration (enabled by default)
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ list:
+ description: Comma separated list of Kamelet names to load
+ into the current integration
+ type: string
+ mountPoint:
+ description: The directory where the application mounts and
+ reads Kamelet spec (default `/etc/camel/kamelets`)
+ type: string
+ type: object
+ keda:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ knative:
+ description: The configuration of Knative trait
+ properties:
+ auto:
+ description: Enable automatic discovery of all trait properties.
+ type: boolean
+ channelSinks:
+ description: |-
+ List of channels used as destination of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ channelSources:
+ description: |-
+ List of channels used as source of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ config:
+ description: Can be used to inject a Knative complete configuration
+ in JSON format.
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ endpointSinks:
+ description: |-
+ List of endpoints used as destination of integration routes.
+ Can contain simple endpoint names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ endpointSources:
+ description: List of channels used as source of integration
+ routes.
+ items:
+ type: string
+ type: array
+ eventSinks:
+ description: |-
+ List of event types that the integration will produce.
+ Can contain simple event types or full Camel URIs (to use a specific broker).
+ items:
+ type: string
+ type: array
+ eventSources:
+ description: |-
+ List of event types that the integration will be subscribed to.
+ Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
+ items:
+ type: string
+ type: array
+ filterEventType:
+ description: |-
+ Enables the default filtering for the Knative trigger using the event type
+ If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
+ type: boolean
+ filterSourceChannels:
+ description: |-
+ Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
+ Knative, filtering is disabled by default.
+ type: boolean
+ filters:
+ description: |-
+ Sets filter attributes on the event stream (such as event type, source, subject and so on).
+ A list of key-value pairs that represent filter attributes and its values.
+ The syntax is KEY=VALUE, e.g., `source="my.source"`.
+ Filter attributes get set on the Knative trigger that is being created as part of this integration.
+ items:
+ type: string
+ type: array
+ namespaceLabel:
+ description: |-
+ Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
+ As Knative requires this label to perform injection of K_SINK URL into the service.
+ If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
+ type: boolean
+ sinkBinding:
+ description: |-
+ Allows binding the integration to a sink via a Knative SinkBinding resource.
+ This can be used when the integration targets a single sink.
+ It's enabled by default when the integration targets a single sink
+ (except when the integration is owned by a Knative source).
+ type: boolean
+ type: object
+ knative-service:
+ description: The configuration of Knative Service trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set knative service specific annotations
+ CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ auto:
+ description: |-
+ Automatically deploy the integration as Knative service when all conditions hold:
+
+
+ * Integration is using the Knative profile
+ * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
+ type: boolean
+ autoscalingMetric:
+ description: |-
+ Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ type: string
+ autoscalingTarget:
+ description: |-
+ Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ class:
+ description: |-
+ Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - kpa.autoscaling.knative.dev
+ - hpa.autoscaling.knative.dev
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxScale:
+ description: |-
+ An upper bound for the number of Pods that can be running in parallel for the integration.
+ Knative has its own cap value that depends on the installation.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ minScale:
+ description: |-
+ The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
+ the integration is scaled down to zero when not used for a configured amount of time.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ rolloutDuration:
+ description: |-
+ Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
+ It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
+ rounded to a second precision.
+ type: string
+ timeoutSeconds:
+ description: |-
+ The maximum duration in seconds that the request instance is allowed to respond to a request.
+ This field propagates to the integration pod's terminationGracePeriodSeconds
+
+
+ Refer to the Knative documentation for more information.
+ format: int64
+ type: integer
+ visibility:
+ description: |-
+ Setting `cluster-local`, Knative service becomes a private service.
+ Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - cluster-local
+ type: string
+ type: object
+ logging:
+ description: The configuration of Logging trait
+ properties:
+ color:
+ description: Colorize the log output
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ format:
+ description: Logs message format
+ type: string
+ json:
+ description: Output the logs in JSON
+ type: boolean
+ jsonPrettyPrint:
+ description: Enable "pretty printing" of the JSON logs
+ type: boolean
+ level:
+ description: Adjust the logging level (defaults to `INFO`)
+ enum:
+ - FATAL
+ - WARN
+ - INFO
+ - DEBUG
+ - TRACE
+ type: string
+ type: object
+ master:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ mount:
+ description: The configuration of Mount trait
+ properties:
+ configs:
+ description: |-
+ A list of configuration pointing to configmap/secret.
+ The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
+ They are also made available on the classpath in order to ease their usage directly from the Route.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ emptyDirs:
+ description: 'A list of EmptyDir volumes to be mounted. Syntax:
+ [name:/container/path]'
+ items:
+ type: string
+ type: array
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ hotReload:
+ description: |-
+ Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
+ marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
+ changes in metadata.
+ type: boolean
+ resources:
+ description: |-
+ A list of resources (text or binary content) pointing to configmap/secret.
+ The resources are expected to be any resource type (text or binary content).
+ The destination path can be either a default location or any path specified by the user.
+ Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
+ items:
+ type: string
+ type: array
+ scanKameletsImplicitLabelSecrets:
+ description: |-
+ Deprecated: include your properties in an explicit property file backed by a secret.
+ Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
+ These secrets are mounted to the application and treated as plain properties file with their key/value list
+ (ie .spec.data["camel.my-property"] = my-value) (default `true`).
+ type: boolean
+ volumes:
+ description: 'A list of Persistent Volume Claims to be mounted.
+ Syntax: [pvcname:/container/path]'
+ items:
+ type: string
+ type: array
+ type: object
+ openapi:
+ description: The configuration of OpenAPI trait
+ properties:
+ configmaps:
+ description: The configmaps holding the spec of the OpenAPI
+ (compatible with > 3.0 spec only).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ owner:
+ description: The configuration of Owner trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ targetAnnotations:
+ description: The set of annotations to be transferred
+ items:
+ type: string
+ type: array
+ targetLabels:
+ description: The set of labels to be transferred
+ items:
+ type: string
+ type: array
+ type: object
+ pdb:
+ description: The configuration of PDB trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxUnavailable:
+ description: |-
+ The number of pods for the Integration that can be unavailable after an eviction.
+ It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
+ Only one of `max-unavailable` and `min-available` can be specified.
+ type: string
+ minAvailable:
+ description: |-
+ The number of pods for the Integration that must still be available after an eviction.
+ It can be either an absolute number or a percentage.
+ Only one of `min-available` and `max-unavailable` can be specified.
+ type: string
+ type: object
+ platform:
+ description: The configuration of Platform trait
+ properties:
+ auto:
+ description: |-
+ To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ createDefault:
+ description: |-
+ To create a default (empty) platform when the platform is missing.
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ global:
+ description: |-
+ Indicates if the platform should be created globally in the case of global operator (default true).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ type: object
+ pod:
+ description: The configuration of Pod trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ prometheus:
+ description: The configuration of Prometheus trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ podMonitor:
+ description: Whether a `PodMonitor` resource is created (default
+ `true`).
+ type: boolean
+ podMonitorLabels:
+ description: The `PodMonitor` resource labels, applicable
+ when `pod-monitor` is `true`.
+ items:
+ type: string
+ type: array
+ type: object
+ pull-secret:
+ description: The configuration of Pull Secret trait
+ properties:
+ auto:
+ description: Automatically configures the platform registry
+ secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ imagePullerDelegation:
+ description: When using a global operator with a shared platform,
+ this enables delegation of the `system:image-puller` cluster
+ role on the operator namespace to the integration service
+ account.
+ type: boolean
+ secretName:
+ description: The pull secret name to set on the Pod. If left
+ empty this is automatically taken from the `IntegrationPlatform`
+ registry configuration.
+ type: string
+ type: object
+ quarkus:
+ description: The configuration of Quarkus trait
+ properties:
+ buildMode:
+ description: |-
+ The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
+ In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
+ with the `native` kit having precedence over the `jvm` one once ready.
+ items:
+ description: QuarkusMode is the type of Quarkus build packaging.
+ enum:
+ - jvm
+ - native
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ nativeBaseImage:
+ description: The base image to use when running a native build
+ (default `quay.io/quarkus/quarkus-micro-image:2.0`)
+ type: string
+ nativeBuilderImage:
+ description: The image containing the tooling required for
+ a native build (by default it will use the one provided
+ in the runtime catalog)
+ type: string
+ packageTypes:
+ description: |-
+ The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
+ In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
+ with the native kit having precedence over the `fast-jar` one once ready.
+ The order influences the resolution of the current kit for the integration.
+ The kit corresponding to the first package type will be assigned to the
+ integration in case no existing kit that matches the integration exists.
+ Deprecated: use `build-mode` instead.
+ items:
+ description: |-
+ QuarkusPackageType is the type of Quarkus build packaging.
+ Deprecated: use `QuarkusMode` instead.
+ enum:
+ - fast-jar
+ - native
+ type: string
+ type: array
+ type: object
+ registry:
+ description: |-
+ The configuration of Registry trait (support removed since version 2.5.0).
+ Deprecated: use jvm trait or read documentation.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ route:
+ description: The configuration of Route trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set route specific annotations
+ For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
+ CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the route.
+ type: string
+ tlsCACertificate:
+ description: |-
+ The TLS CA certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCACertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificate:
+ description: |-
+ The TLS certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificate:
+ description: |-
+ The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
+ termination this file should be provided in order to have routers use it for health checks on the secure connection.
+ If this field is not specified, the router may provide its own destination CA and perform hostname validation using
+ the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
+ verify.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificateSecret:
+ description: |-
+ The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsInsecureEdgeTerminationPolicy:
+ description: |-
+ To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - None
+ - Allow
+ - Redirect
+ type: string
+ tlsKey:
+ description: |-
+ The TLS certificate key contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsKeySecret:
+ description: |-
+ The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsTermination:
+ description: |-
+ The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - edge
+ - reencrypt
+ - passthrough
+ type: string
+ type: object
+ security-context:
+ description: The configuration of Security Context trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ type: object
+ service:
+ description: The configuration of Service trait
+ properties:
+ auto:
+ description: To automatically detect from the code if a Service
+ needs to be created.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodePort:
+ description: |-
+ Enable Service to be exposed as NodePort (default `false`).
+ Deprecated: Use service type instead.
+ type: boolean
+ type:
+ description: The type of service to be used, either 'ClusterIP',
+ 'NodePort' or 'LoadBalancer'.
+ enum:
+ - ClusterIP
+ - NodePort
+ - LoadBalancer
+ type: string
+ type: object
+ service-binding:
+ description: The configuration of Service Binding trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ services:
+ description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
+ items:
+ type: string
+ type: array
+ type: object
+ strimzi:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ toleration:
+ description: The configuration of Toleration trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ taints:
+ description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
+ items:
+ type: string
+ type: array
+ type: object
+ tracing:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: integrations.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: Integration
+ listKind: IntegrationList
+ plural: integrations
+ shortNames:
+ - it
+ singular: integration
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The integration phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The integration readiness
+ jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - description: The runtime version
+ jsonPath: .status.runtimeProvider
+ name: Runtime Provider
+ type: string
+ - description: The runtime provider
+ jsonPath: .status.runtimeVersion
+ name: Runtime Version
+ type: string
+ - description: The integration kit
+ jsonPath: .status.integrationKit.name
+ name: Kit
+ type: string
+ - description: The number of pods
+ jsonPath: .status.replicas
+ name: Replicas
+ type: integer
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Integration is the Schema for the integrations API.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: the desired Integration specification
+ properties:
+ configuration:
+ description: |-
+ Deprecated:
+ Use camel trait (camel.properties) to manage properties
+ Use mount trait (mount.configs) to manage configs
+ Use mount trait (mount.resources) to manage resources
+ Use mount trait (mount.volumes) to manage volumes
+ items:
+ description: ConfigurationSpec represents a generic configuration
+ specification.
+ properties:
+ type:
+ description: 'represents the type of configuration, ie: property,
+ configmap, secret, ...'
+ type: string
+ value:
+ description: the value to assign to the configuration (syntax
+ may vary depending on the `Type`)
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ description: the list of Camel or Maven dependencies required by the
+ Integration
+ items:
+ type: string
+ type: array
+ flows:
+ description: a source in YAML DSL language which contain the routes
+ to run
+ items:
+ description: Flow is an unstructured object representing a Camel
+ Flow in YAML/JSON DSL.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ integrationKit:
+ description: the reference of the `IntegrationKit` which is used for
+ this Integration
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ profile:
+ description: the profile needed to run this Integration
+ type: string
+ replicas:
+ description: the number of `Pods` needed for the running Integration
+ format: int32
+ type: integer
+ repositories:
+ description: additional Maven repositories to be used
+ items:
+ type: string
+ type: array
+ serviceAccountName:
+ description: custom SA to use for the Integration
+ type: string
+ sources:
+ description: the sources which contain the Camel routes to run
+ items:
+ description: SourceSpec defines the configuration for one or more
+ routes to be executed in a certain Camel DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64 encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel DSL) used
+ to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the source (e.g.
+ if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by this
+ object
+ type: string
+ type: object
+ type: array
+ template:
+ description: Pod template customization
+ properties:
+ spec:
+ description: the specification
+ properties:
+ activeDeadlineSeconds:
+ description: ActiveDeadlineSeconds
+ format: int64
+ type: integer
+ automountServiceAccountToken:
+ description: AutomountServiceAccountToken
+ type: boolean
+ containers:
+ description: Containers
+ items:
+ description: A single application container that you want
+ to run within a pod.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The container image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The container image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema the
+ FieldPath is written in terms of, defaults
+ to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select
+ in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output format
+ of the exposed resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret in
+ the pod's namespace
+ properties:
+ key:
+ description: The key of the secret to
+ select from. Must be a valid secret
+ key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of
+ a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret must
+ be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management to default or override
+ container images in workload controllers like Deployments and StatefulSets.
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: |-
+ Actions that the management system should take in response to container lifecycle events.
+ Cannot be updated.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration that
+ the container should sleep before being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of seconds
+ to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration that
+ the container should sleep before being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of seconds
+ to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: |-
+ Periodic probe of container liveness.
+ Container will be restarted if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: |-
+ List of ports to expose from the container. Not specifying a port here
+ DOES NOT prevent that port from being exposed. Any port which is
+ listening on the default "0.0.0.0" address inside a container will be
+ accessible from the network.
+ Modifying this array with strategic merge patch may corrupt the data.
+ For more information See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network port
+ in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: |-
+ Periodic probe of container service readiness.
+ Container will be removed from service endpoints if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents resource
+ resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Compute Resources required by this container.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one entry
+ in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ RestartPolicy defines the restart behavior of individual containers in a pod.
+ This field may only be set for init containers, and the only allowed value is "Always".
+ For non-init containers or when this field is not specified,
+ the restart behavior is defined by the Pod's restart policy and the container type.
+ Setting the RestartPolicy as "Always" for the init container will have the following effect:
+ this init container will be continually restarted on
+ exit until all regular containers have terminated. Once all regular
+ containers have completed, all init containers with restartPolicy "Always"
+ will be shut down. This lifecycle differs from normal init containers and
+ is often referred to as a "sidecar" container. Although this init
+ container still starts in the init container sequence, it does not wait
+ for the container to complete before proceeding to the next init
+ container. Instead, the next init container starts immediately after this
+ init container is started, or after any startupProbe has successfully
+ completed.
+ type: string
+ securityContext:
+ description: |-
+ SecurityContext defines the security options the container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label that
+ applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that
+ applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that
+ applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that
+ applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: |-
+ StartupProbe indicates that the Pod has successfully initialized.
+ If specified, no other probes are executed until this completes successfully.
+ If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
+ This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
+ when it might take a long time to load data or warm a cache, than during steady-state operation.
+ This cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block devices
+ to be used by the container.
+ items:
+ description: volumeDevice describes a mapping of a
+ raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside of
+ the container that the device will be mapped
+ to.
+ type: string
+ name:
+ description: name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a
+ Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsPolicy:
+ description: DNSPolicy
+ type: string
+ ephemeralContainers:
+ description: EphemeralContainers
+ items:
+ description: |-
+ An EphemeralContainer is a temporary container that you may add to an existing Pod for
+ user-initiated activities such as debugging. Ephemeral containers have no resource or
+ scheduling guarantees, and they will not be restarted when they exit or when a Pod is
+ removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
+ Pod to exceed its resource allocation.
+
+
+ To add an ephemeral container, use the ephemeralcontainers subresource of an existing
+ Pod. Ephemeral containers may not be removed or restarted.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema the
+ FieldPath is written in terms of, defaults
+ to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select
+ in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output format
+ of the exposed resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret in
+ the pod's namespace
+ properties:
+ key:
+ description: The key of the secret to
+ select from. Must be a valid secret
+ key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of
+ a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret must
+ be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: Lifecycle is not allowed for ephemeral
+ containers.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration that
+ the container should sleep before being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of seconds
+ to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration that
+ the container should sleep before being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of seconds
+ to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: Probes are not allowed for ephemeral containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the ephemeral container specified as a DNS_LABEL.
+ This name must be unique among all containers, init containers and ephemeral containers.
+ type: string
+ ports:
+ description: Ports are not allowed for ephemeral containers.
+ items:
+ description: ContainerPort represents a network port
+ in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: Probes are not allowed for ephemeral containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents resource
+ resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
+ already allocated to the pod.
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one entry
+ in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ Restart policy for the container to manage the restart behavior of each
+ container within a pod.
+ This may only be set for init containers. You cannot set this field on
+ ephemeral containers.
+ type: string
+ securityContext:
+ description: |-
+ Optional: SecurityContext defines the security options the ephemeral container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label that
+ applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that
+ applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that
+ applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that
+ applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: Probes are not allowed for ephemeral containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ targetContainerName:
+ description: |-
+ If set, the name of the container from PodSpec that this ephemeral container targets.
+ The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.
+ If not set then the ephemeral container uses the namespaces configured in the Pod spec.
+
+
+ The container runtime must implement support for this feature. If the runtime does not
+ support namespace targeting then the result of setting this field is undefined.
+ type: string
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block devices
+ to be used by the container.
+ items:
+ description: volumeDevice describes a mapping of a
+ raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside of
+ the container that the device will be mapped
+ to.
+ type: string
+ name:
+ description: name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a
+ Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ initContainers:
+ description: InitContainers
+ items:
+ description: A single application container that you want
+ to run within a pod.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The container image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The container image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema the
+ FieldPath is written in terms of, defaults
+ to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select
+ in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output format
+ of the exposed resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret in
+ the pod's namespace
+ properties:
+ key:
+ description: The key of the secret to
+ select from. Must be a valid secret
+ key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of
+ a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret must
+ be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management to default or override
+ container images in workload controllers like Deployments and StatefulSets.
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: |-
+ Actions that the management system should take in response to container lifecycle events.
+ Cannot be updated.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration that
+ the container should sleep before being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of seconds
+ to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration that
+ the container should sleep before being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of seconds
+ to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: |-
+ Periodic probe of container liveness.
+ Container will be restarted if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: |-
+ List of ports to expose from the container. Not specifying a port here
+ DOES NOT prevent that port from being exposed. Any port which is
+ listening on the default "0.0.0.0" address inside a container will be
+ accessible from the network.
+ Modifying this array with strategic merge patch may corrupt the data.
+ For more information See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network port
+ in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: |-
+ Periodic probe of container service readiness.
+ Container will be removed from service endpoints if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents resource
+ resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Compute Resources required by this container.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one entry
+ in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ RestartPolicy defines the restart behavior of individual containers in a pod.
+ This field may only be set for init containers, and the only allowed value is "Always".
+ For non-init containers or when this field is not specified,
+ the restart behavior is defined by the Pod's restart policy and the container type.
+ Setting the RestartPolicy as "Always" for the init container will have the following effect:
+ this init container will be continually restarted on
+ exit until all regular containers have terminated. Once all regular
+ containers have completed, all init containers with restartPolicy "Always"
+ will be shut down. This lifecycle differs from normal init containers and
+ is often referred to as a "sidecar" container. Although this init
+ container still starts in the init container sequence, it does not wait
+ for the container to complete before proceeding to the next init
+ container. Instead, the next init container starts immediately after this
+ init container is started, or after any startupProbe has successfully
+ completed.
+ type: string
+ securityContext:
+ description: |-
+ SecurityContext defines the security options the container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label that
+ applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that
+ applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that
+ applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that
+ applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: |-
+ StartupProbe indicates that the Pod has successfully initialized.
+ If specified, no other probes are executed until this completes successfully.
+ If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
+ This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
+ when it might take a long time to load data or warm a cache, than during steady-state operation.
+ This cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block devices
+ to be used by the container.
+ items:
+ description: volumeDevice describes a mapping of a
+ raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside of
+ the container that the device will be mapped
+ to.
+ type: string
+ name:
+ description: name must match the name of a persistentVolumeClaim
+ in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a
+ Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: NodeSelector
+ type: object
+ restartPolicy:
+ description: RestartPolicy
+ type: string
+ securityContext:
+ description: PodSecurityContext
+ properties:
+ fsGroup:
+ description: |-
+ A special supplemental group that applies to all containers in a pod.
+ Some volume types allow the Kubelet to change the ownership of that volume
+ to be owned by the pod:
+
+
+ 1. The owning GID will be the FSGroup
+ 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
+ 3. The permission bits are OR'd with rw-rw----
+
+
+ If unset, the Kubelet will not modify the ownership and permissions of any volume.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ fsGroupChangePolicy:
+ description: |-
+ fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
+ before being exposed inside Pod. This field will only apply to
+ volume types which support fsGroup based ownership(and permissions).
+ It will have no effect on ephemeral volume types such as: secret, configmaps
+ and emptydir.
+ Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence
+ for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence
+ for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to all containers.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in SecurityContext. If set in
+ both SecurityContext and PodSecurityContext, the value specified in SecurityContext
+ takes precedence for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label that applies
+ to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that applies
+ to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that applies
+ to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that applies
+ to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by the containers in this pod.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ supplementalGroups:
+ description: |-
+ A list of groups applied to the first process run in each container, in addition
+ to the container's primary GID, the fsGroup (if specified), and group memberships
+ defined in the container image for the uid of the container process. If unspecified,
+ no additional groups are added to any container. Note that group memberships
+ defined in the container image for the uid of the container process are still effective,
+ even if they are not included in this list.
+ Note that this field cannot be set when spec.os.name is windows.
+ items:
+ format: int64
+ type: integer
+ type: array
+ sysctls:
+ description: |-
+ Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
+ sysctls (by the container runtime) might fail to launch.
+ Note that this field cannot be set when spec.os.name is windows.
+ items:
+ description: Sysctl defines a kernel parameter to be
+ set
+ properties:
+ name:
+ description: Name of a property to set
+ type: string
+ value:
+ description: Value of a property to set
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options within a container's SecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name of
+ the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ terminationGracePeriodSeconds:
+ description: TerminationGracePeriodSeconds
+ format: int64
+ type: integer
+ topologySpreadConstraints:
+ description: TopologySpreadConstraints
+ items:
+ description: TopologySpreadConstraint specifies how to spread
+ matching pods among the given topology.
+ properties:
+ labelSelector:
+ description: |-
+ LabelSelector is used to find matching pods.
+ Pods that match this label selector are counted to determine the number of pods
+ in their corresponding topology domain.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the
+ selector applies to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ description: |-
+ MatchLabelKeys is a set of pod label keys to select the pods over which
+ spreading will be calculated. The keys are used to lookup values from the
+ incoming pod labels, those key-value labels are ANDed with labelSelector
+ to select the group of existing pods over which spreading will be calculated
+ for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
+ MatchLabelKeys cannot be set when LabelSelector isn't set.
+ Keys that don't exist in the incoming pod labels will
+ be ignored. A null or empty list means only match against labelSelector.
+
+
+ This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ maxSkew:
+ description: |-
+ MaxSkew describes the degree to which pods may be unevenly distributed.
+ When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
+ between the number of matching pods in the target topology and the global minimum.
+ The global minimum is the minimum number of matching pods in an eligible domain
+ or zero if the number of eligible domains is less than MinDomains.
+ For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
+ labelSelector spread as 2/2/1:
+ In this case, the global minimum is 1.
+ | zone1 | zone2 | zone3 |
+ | P P | P P | P |
+ - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
+ scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
+ violate MaxSkew(1).
+ - if MaxSkew is 2, incoming pod can be scheduled onto any zone.
+ When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
+ to topologies that satisfy it.
+ It's a required field. Default value is 1 and 0 is not allowed.
+ format: int32
+ type: integer
+ minDomains:
+ description: |-
+ MinDomains indicates a minimum number of eligible domains.
+ When the number of eligible domains with matching topology keys is less than minDomains,
+ Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
+ And when the number of eligible domains with matching topology keys equals or greater than minDomains,
+ this value has no effect on scheduling.
+ As a result, when the number of eligible domains is less than minDomains,
+ scheduler won't schedule more than maxSkew Pods to those domains.
+ If value is nil, the constraint behaves as if MinDomains is equal to 1.
+ Valid values are integers greater than 0.
+ When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
+
+
+ For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
+ labelSelector spread as 2/2/2:
+ | zone1 | zone2 | zone3 |
+ | P P | P P | P P |
+ The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
+ In this situation, new pod with the same labelSelector cannot be scheduled,
+ because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
+ it will violate MaxSkew.
+
+
+ This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+ format: int32
+ type: integer
+ nodeAffinityPolicy:
+ description: |-
+ NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
+ when calculating pod topology spread skew. Options are:
+ - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
+ - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
+
+
+ If this value is nil, the behavior is equivalent to the Honor policy.
+ This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
+ type: string
+ nodeTaintsPolicy:
+ description: |-
+ NodeTaintsPolicy indicates how we will treat node taints when calculating
+ pod topology spread skew. Options are:
+ - Honor: nodes without taints, along with tainted nodes for which the incoming pod
+ has a toleration, are included.
+ - Ignore: node taints are ignored. All nodes are included.
+
+
+ If this value is nil, the behavior is equivalent to the Ignore policy.
+ This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
+ type: string
+ topologyKey:
+ description: |-
+ TopologyKey is the key of node labels. Nodes that have a label with this key
+ and identical values are considered to be in the same topology.
+ We consider each as a "bucket", and try to put balanced number
+ of pods into each bucket.
+ We define a domain as a particular instance of a topology.
+ Also, we define an eligible domain as a domain whose nodes meet the requirements of
+ nodeAffinityPolicy and nodeTaintsPolicy.
+ e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
+ And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
+ It's a required field.
+ type: string
+ whenUnsatisfiable:
+ description: |-
+ WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
+ the spread constraint.
+ - DoNotSchedule (default) tells the scheduler not to schedule it.
+ - ScheduleAnyway tells the scheduler to schedule the pod in any location,
+ but giving higher precedence to topologies that would help reduce the
+ skew.
+ A constraint is considered "Unsatisfiable" for an incoming pod
+ if and only if every possible node assignment for that pod would violate
+ "MaxSkew" on some topology.
+ For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
+ labelSelector spread as 3/1/1:
+ | zone1 | zone2 | zone3 |
+ | P P P | P | P |
+ If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
+ to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
+ MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
+ won't make it *more* imbalanced.
+ It's a required field.
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ volumes:
+ description: Volumes
+ items:
+ description: Volume represents a named volume in a pod that
+ may be accessed by any container in the pod.
+ properties:
+ awsElasticBlockStore:
+ description: |-
+ awsElasticBlockStore represents an AWS Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ partition:
+ description: |-
+ partition is the partition in the volume that you want to mount.
+ If omitted, the default is to mount by volume name.
+ Examples: For volume /dev/sda1, you specify the partition as "1".
+ Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+ format: int32
+ type: integer
+ readOnly:
+ description: |-
+ readOnly value true will force the readOnly setting in VolumeMounts.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ type: boolean
+ volumeID:
+ description: |-
+ volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ description: azureDisk represents an Azure Data Disk
+ mount on the host and bind mount to the pod.
+ properties:
+ cachingMode:
+ description: 'cachingMode is the Host Caching mode:
+ None, Read Only, Read Write.'
+ type: string
+ diskName:
+ description: diskName is the Name of the data disk
+ in the blob storage
+ type: string
+ diskURI:
+ description: diskURI is the URI of data disk in
+ the blob storage
+ type: string
+ fsType:
+ description: |-
+ fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ kind:
+ description: 'kind expected values are Shared: multiple
+ blob disks per storage account Dedicated: single
+ blob disk per storage account Managed: azure
+ managed data disk (only in managed availability
+ set). defaults to shared'
+ type: string
+ readOnly:
+ description: |-
+ readOnly Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ description: azureFile represents an Azure File Service
+ mount on the host and bind mount to the pod.
+ properties:
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretName:
+ description: secretName is the name of secret that
+ contains Azure Storage Account Name and Key
+ type: string
+ shareName:
+ description: shareName is the azure share Name
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ description: cephFS represents a Ceph FS mount on the
+ host that shares a pod's lifetime
+ properties:
+ monitors:
+ description: |-
+ monitors is Required: Monitors is a collection of Ceph monitors
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ items:
+ type: string
+ type: array
+ path:
+ description: 'path is Optional: Used as the mounted
+ root, rather than the full Ceph tree, default
+ is /'
+ type: string
+ readOnly:
+ description: |-
+ readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: boolean
+ secretFile:
+ description: |-
+ secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: string
+ secretRef:
+ description: |-
+ secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ description: |-
+ user is optional: User is the rados user name, default is admin
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ description: |-
+ cinder represents a cinder volume attached and mounted on kubelets host machine.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is optional: points to a secret object containing parameters used to connect
+ to OpenStack.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeID:
+ description: |-
+ volumeID used to identify the volume in cinder.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ description: configMap represents a configMap that should
+ populate this volume
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode is optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ ConfigMap will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the ConfigMap,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ csi:
+ description: csi (Container Storage Interface) represents
+ ephemeral storage that is handled by certain external
+ CSI drivers (Beta feature).
+ properties:
+ driver:
+ description: |-
+ driver is the name of the CSI driver that handles this volume.
+ Consult with your admin for the correct name as registered in the cluster.
+ type: string
+ fsType:
+ description: |-
+ fsType to mount. Ex. "ext4", "xfs", "ntfs".
+ If not provided, the empty value is passed to the associated CSI driver
+ which will determine the default filesystem to apply.
+ type: string
+ nodePublishSecretRef:
+ description: |-
+ nodePublishSecretRef is a reference to the secret object containing
+ sensitive information to pass to the CSI driver to complete the CSI
+ NodePublishVolume and NodeUnpublishVolume calls.
+ This field is optional, and may be empty if no secret is required. If the
+ secret object contains more than one secret, all secret references are passed.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ readOnly:
+ description: |-
+ readOnly specifies a read-only configuration for the volume.
+ Defaults to false (read/write).
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ description: |-
+ volumeAttributes stores driver-specific properties that are passed to the CSI
+ driver. Consult your driver's documentation for supported values.
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ description: downwardAPI represents downward API about
+ the pod that should populate this volume
+ properties:
+ defaultMode:
+ description: |-
+ Optional: mode bits to use on created files by default. Must be a
+ Optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: Items is a list of downward API volume
+ file
+ items:
+ description: DownwardAPIVolumeFile represents
+ information to create the file containing the
+ pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects a field of
+ the pod: only annotations, labels, name
+ and namespace are supported.'
+ properties:
+ apiVersion:
+ description: Version of the schema the
+ FieldPath is written in terms of, defaults
+ to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to select
+ in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ description: |-
+ Optional: mode bits used to set permissions on this file, must be an octal value
+ between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path is the relative
+ path name of the file to be created. Must
+ not be absolute or contain the ''..'' path.
+ Must be utf-8 encoded. The first item of
+ the relative path must not start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output format
+ of the exposed resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ description: |-
+ emptyDir represents a temporary directory that shares a pod's lifetime.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ properties:
+ medium:
+ description: |-
+ medium represents what type of storage medium should back this directory.
+ The default is "" which means to use the node's default medium.
+ Must be an empty string (default) or Memory.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ sizeLimit is the total amount of local storage required for this EmptyDir volume.
+ The size limit is also applicable for memory medium.
+ The maximum usage on memory medium EmptyDir would be the minimum value between
+ the SizeLimit specified here and the sum of memory limits of all containers in a pod.
+ The default is nil which means that the limit is undefined.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ description: |-
+ ephemeral represents a volume that is handled by a cluster storage driver.
+ The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
+ and deleted when the pod is removed.
+
+
+ Use this if:
+ a) the volume is only needed while the pod runs,
+ b) features of normal volumes like restoring from snapshot or capacity
+ tracking are needed,
+ c) the storage driver is specified through a storage class, and
+ d) the storage driver supports dynamic volume provisioning through
+ a PersistentVolumeClaim (see EphemeralVolumeSource for more
+ information on the connection between this volume type
+ and PersistentVolumeClaim).
+
+
+ Use PersistentVolumeClaim or one of the vendor-specific
+ APIs for volumes that persist for longer than the lifecycle
+ of an individual pod.
+
+
+ Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
+ be used that way - see the documentation of the driver for
+ more information.
+
+
+ A pod can use both types of ephemeral volumes and
+ persistent volumes at the same time.
+ properties:
+ volumeClaimTemplate:
+ description: |-
+ Will be used to create a stand-alone PVC to provision the volume.
+ The pod in which this EphemeralVolumeSource is embedded will be the
+ owner of the PVC, i.e. the PVC will be deleted together with the
+ pod. The name of the PVC will be `-` where
+ `` is the name from the `PodSpec.Volumes` array
+ entry. Pod validation will reject the pod if the concatenated name
+ is not valid for a PVC (for example, too long).
+
+
+ An existing PVC with that name that is not owned by the pod
+ will *not* be used for the pod to avoid using an unrelated
+ volume by mistake. Starting the pod is then blocked until
+ the unrelated PVC is removed. If such a pre-created PVC is
+ meant to be used by the pod, the PVC has to updated with an
+ owner reference to the pod once the pod exists. Normally
+ this should not be necessary, but it may be useful when
+ manually reconstructing a broken cluster.
+
+
+ This field is read-only and no changes will be made by Kubernetes
+ to the PVC after it has been created.
+
+
+ Required, must not be nil.
+ properties:
+ metadata:
+ description: |-
+ May contain labels and annotations that will be copied into the PVC
+ when creating it. No other fields are allowed and will be rejected during
+ validation.
+ type: object
+ spec:
+ description: |-
+ The specification for the PersistentVolumeClaim. The entire content is
+ copied unchanged into the PVC that gets created from this
+ template. The same fields as in a PersistentVolumeClaim
+ are also valid here.
+ properties:
+ accessModes:
+ description: |-
+ accessModes contains the desired access modes the volume should have.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
+ items:
+ type: string
+ type: array
+ dataSource:
+ description: |-
+ dataSource field can be used to specify either:
+ * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
+ * An existing PVC (PersistentVolumeClaim)
+ If the provisioner or an external controller can support the specified data source,
+ it will create a new volume based on the contents of the specified data source.
+ When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
+ and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef will not be copied to dataSource.
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of resource
+ being referenced
+ type: string
+ name:
+ description: Name is the name of resource
+ being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ description: |-
+ dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
+ volume is desired. This may be any object from a non-empty API group (non
+ core object) or a PersistentVolumeClaim object.
+ When this field is specified, volume binding will only succeed if the type of
+ the specified object matches some installed volume populator or dynamic
+ provisioner.
+ This field will replace the functionality of the dataSource field and as such
+ if both fields are non-empty, they must have the same value. For backwards
+ compatibility, when namespace isn't specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef) will be set to the same
+ value automatically if one of them is empty and the other is non-empty.
+ When namespace is specified in dataSourceRef,
+ dataSource isn't set to the same value and must be empty.
+ There are three important differences between dataSource and dataSourceRef:
+ * While dataSource only allows two specific types of objects, dataSourceRef
+ allows any non-core object, as well as PersistentVolumeClaim objects.
+ * While dataSource ignores disallowed values (dropping them), dataSourceRef
+ preserves all values, and generates an error if a disallowed value is
+ specified.
+ * While dataSource only allows local objects, dataSourceRef allows objects
+ in any namespaces.
+ (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
+ (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of resource
+ being referenced
+ type: string
+ name:
+ description: Name is the name of resource
+ being referenced
+ type: string
+ namespace:
+ description: |-
+ Namespace is the namespace of resource being referenced
+ Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
+ (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ description: |-
+ resources represents the minimum resources the volume should have.
+ If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
+ that are lower than previous value but must still be higher than capacity recorded in the
+ status field of the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ selector:
+ description: selector is a label query over
+ volumes to consider for binding.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list
+ of label selector requirements. The
+ requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label
+ key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ description: |-
+ storageClassName is the name of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+ type: string
+ volumeAttributesClassName:
+ description: |-
+ volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
+ If specified, the CSI driver will create or update the volume with the attributes defined
+ in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
+ it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
+ will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
+ If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
+ will be set by the persistentvolume controller if it exists.
+ If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
+ set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
+ exists.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
+ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+ type: string
+ volumeMode:
+ description: |-
+ volumeMode defines what type of volume is required by the claim.
+ Value of Filesystem is implied when not included in claim spec.
+ type: string
+ volumeName:
+ description: volumeName is the binding reference
+ to the PersistentVolume backing this claim.
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ description: fc represents a Fibre Channel resource
+ that is attached to a kubelet's host machine and then
+ exposed to the pod.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ lun:
+ description: 'lun is Optional: FC target lun number'
+ format: int32
+ type: integer
+ readOnly:
+ description: |-
+ readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ targetWWNs:
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
+ items:
+ type: string
+ type: array
+ wwids:
+ description: |-
+ wwids Optional: FC volume world wide identifiers (wwids)
+ Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ description: |-
+ flexVolume represents a generic volume resource that is
+ provisioned/attached using an exec based plugin.
+ properties:
+ driver:
+ description: driver is the name of the driver to
+ use for this volume.
+ type: string
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ description: 'options is Optional: this field holds
+ extra command options if any.'
+ type: object
+ readOnly:
+ description: |-
+ readOnly is Optional: defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is Optional: secretRef is reference to the secret object containing
+ sensitive information to pass to the plugin scripts. This may be
+ empty if no secret object is specified. If the secret object
+ contains more than one secret, all secrets are passed to the plugin
+ scripts.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - driver
+ type: object
+ flocker:
+ description: flocker represents a Flocker volume attached
+ to a kubelet's host machine. This depends on the Flocker
+ control service being running
+ properties:
+ datasetName:
+ description: |-
+ datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
+ should be considered as deprecated
+ type: string
+ datasetUUID:
+ description: datasetUUID is the UUID of the dataset.
+ This is unique identifier of a Flocker dataset
+ type: string
+ type: object
+ gcePersistentDisk:
+ description: |-
+ gcePersistentDisk represents a GCE Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ properties:
+ fsType:
+ description: |-
+ fsType is filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ partition:
+ description: |-
+ partition is the partition in the volume that you want to mount.
+ If omitted, the default is to mount by volume name.
+ Examples: For volume /dev/sda1, you specify the partition as "1".
+ Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ format: int32
+ type: integer
+ pdName:
+ description: |-
+ pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ description: |-
+ gitRepo represents a git repository at a particular revision.
+ DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
+ EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
+ into the Pod's container.
+ properties:
+ directory:
+ description: |-
+ directory is the target directory name.
+ Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
+ git repository. Otherwise, if specified, the volume will contain the git repository in
+ the subdirectory with the given name.
+ type: string
+ repository:
+ description: repository is the URL
+ type: string
+ revision:
+ description: revision is the commit hash for the
+ specified revision.
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ description: |-
+ glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md
+ properties:
+ endpoints:
+ description: |-
+ endpoints is the endpoint name that details Glusterfs topology.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: string
+ path:
+ description: |-
+ path is the Glusterfs volume path.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
+ Defaults to false.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ description: |-
+ hostPath represents a pre-existing file or directory on the host
+ machine that is directly exposed to the container. This is generally
+ used for system agents or other privileged things that are allowed
+ to see the host machine. Most containers will NOT need this.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ ---
+ TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
+ mount host directories as read/write.
+ properties:
+ path:
+ description: |-
+ path of the directory on the host.
+ If the path is a symlink, it will follow the link to the real path.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ type: string
+ type:
+ description: |-
+ type for HostPath Volume
+ Defaults to ""
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ description: |-
+ iscsi represents an ISCSI Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://examples.k8s.io/volumes/iscsi/README.md
+ properties:
+ chapAuthDiscovery:
+ description: chapAuthDiscovery defines whether support
+ iSCSI Discovery CHAP authentication
+ type: boolean
+ chapAuthSession:
+ description: chapAuthSession defines whether support
+ iSCSI Session CHAP authentication
+ type: boolean
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ initiatorName:
+ description: |-
+ initiatorName is the custom iSCSI Initiator Name.
+ If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
+ : will be created for the connection.
+ type: string
+ iqn:
+ description: iqn is the target iSCSI Qualified Name.
+ type: string
+ iscsiInterface:
+ description: |-
+ iscsiInterface is the interface Name that uses an iSCSI transport.
+ Defaults to 'default' (tcp).
+ type: string
+ lun:
+ description: lun represents iSCSI Target Lun number.
+ format: int32
+ type: integer
+ portals:
+ description: |-
+ portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
+ is other than default (typically TCP ports 860 and 3260).
+ items:
+ type: string
+ type: array
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ type: boolean
+ secretRef:
+ description: secretRef is the CHAP Secret for iSCSI
+ target and initiator authentication
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ targetPortal:
+ description: |-
+ targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
+ is other than default (typically TCP ports 860 and 3260).
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ description: |-
+ name of the volume.
+ Must be a DNS_LABEL and unique within the pod.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ nfs:
+ description: |-
+ nfs represents an NFS mount on the host that shares a pod's lifetime
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ properties:
+ path:
+ description: |-
+ path that is exported by the NFS server.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the NFS export to be mounted with read-only permissions.
+ Defaults to false.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: boolean
+ server:
+ description: |-
+ server is the hostname or IP address of the NFS server.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ description: |-
+ persistentVolumeClaimVolumeSource represents a reference to a
+ PersistentVolumeClaim in the same namespace.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ properties:
+ claimName:
+ description: |-
+ claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ type: string
+ readOnly:
+ description: |-
+ readOnly Will force the ReadOnly setting in VolumeMounts.
+ Default false.
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ description: photonPersistentDisk represents a PhotonController
+ persistent disk attached and mounted on kubelets host
+ machine
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ pdID:
+ description: pdID is the ID that identifies Photon
+ Controller persistent disk
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ description: portworxVolume represents a portworx volume
+ attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: |-
+ fSType represents the filesystem type to mount
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ volumeID:
+ description: volumeID uniquely identifies a Portworx
+ volume
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode are the mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ sources:
+ description: sources is the list of volume projections
+ items:
+ description: Projection that may be projected
+ along with other supported volume types
+ properties:
+ clusterTrustBundle:
+ description: |-
+ ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
+ of ClusterTrustBundle objects in an auto-updating file.
+
+
+ Alpha, gated by the ClusterTrustBundleProjection feature gate.
+
+
+ ClusterTrustBundle objects can either be selected by name, or by the
+ combination of signer name and a label selector.
+
+
+ Kubelet performs aggressive normalization of the PEM contents written
+ into the pod filesystem. Esoteric PEM features such as inter-block
+ comments and block headers are stripped. Certificates are deduplicated.
+ The ordering of certificates within the file is arbitrary, and Kubelet
+ may change the order over time.
+ properties:
+ labelSelector:
+ description: |-
+ Select all ClusterTrustBundles that match this label selector. Only has
+ effect if signerName is set. Mutually-exclusive with name. If unset,
+ interpreted as "match nothing". If set but empty, interpreted as "match
+ everything".
+ properties:
+ matchExpressions:
+ description: matchExpressions is a
+ list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label
+ key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ name:
+ description: |-
+ Select a single ClusterTrustBundle by object name. Mutually-exclusive
+ with signerName and labelSelector.
+ type: string
+ optional:
+ description: |-
+ If true, don't block pod startup if the referenced ClusterTrustBundle(s)
+ aren't available. If using name, then the named ClusterTrustBundle is
+ allowed not to exist. If using signerName, then the combination of
+ signerName and labelSelector is allowed to match zero
+ ClusterTrustBundles.
+ type: boolean
+ path:
+ description: Relative path from the volume
+ root to write the bundle.
+ type: string
+ signerName:
+ description: |-
+ Select all ClusterTrustBundles that match this signer name.
+ Mutually-exclusive with name. The contents of all selected
+ ClusterTrustBundles will be unified and deduplicated.
+ type: string
+ required:
+ - path
+ type: object
+ configMap:
+ description: configMap information about the
+ configMap data to project
+ properties:
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ ConfigMap will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the ConfigMap,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a
+ path within a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional specify whether
+ the ConfigMap or its keys must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ downwardAPI:
+ description: downwardAPI information about
+ the downwardAPI data to project
+ properties:
+ items:
+ description: Items is a list of DownwardAPIVolume
+ file
+ items:
+ description: DownwardAPIVolumeFile represents
+ information to create the file containing
+ the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects
+ a field of the pod: only annotations,
+ labels, name and namespace are
+ supported.'
+ properties:
+ apiVersion:
+ description: Version of the
+ schema the FieldPath is written
+ in terms of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field
+ to select in the specified
+ API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ description: |-
+ Optional: mode bits used to set permissions on this file, must be an octal value
+ between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path is the
+ relative path name of the file
+ to be created. Must not be absolute
+ or contain the ''..'' path. Must
+ be utf-8 encoded. The first item
+ of the relative path must not
+ start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name:
+ required for volumes, optional
+ for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource
+ to select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ description: secret information about the
+ secret data to project
+ properties:
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ Secret will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the Secret,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a
+ path within a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional field specify whether
+ the Secret or its key must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ serviceAccountToken:
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
+ properties:
+ audience:
+ description: |-
+ audience is the intended audience of the token. A recipient of a token
+ must identify itself with an identifier specified in the audience of the
+ token, and otherwise should reject the token. The audience defaults to the
+ identifier of the apiserver.
+ type: string
+ expirationSeconds:
+ description: |-
+ expirationSeconds is the requested duration of validity of the service
+ account token. As the token approaches expiration, the kubelet volume
+ plugin will proactively rotate the service account token. The kubelet will
+ start trying to rotate the token if the token is older than 80 percent of
+ its time to live or if the token is older than 24 hours.Defaults to 1 hour
+ and must be at least 10 minutes.
+ format: int64
+ type: integer
+ path:
+ description: |-
+ path is the path relative to the mount point of the file to project the
+ token into.
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ description: quobyte represents a Quobyte mount on the
+ host that shares a pod's lifetime
+ properties:
+ group:
+ description: |-
+ group to map volume access to
+ Default is no group
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the Quobyte volume to be mounted with read-only permissions.
+ Defaults to false.
+ type: boolean
+ registry:
+ description: |-
+ registry represents a single or multiple Quobyte Registry services
+ specified as a string as host:port pair (multiple entries are separated with commas)
+ which acts as the central registry for volumes
+ type: string
+ tenant:
+ description: |-
+ tenant owning the given Quobyte volume in the Backend
+ Used with dynamically provisioned Quobyte volumes, value is set by the plugin
+ type: string
+ user:
+ description: |-
+ user to map volume access to
+ Defaults to serivceaccount user
+ type: string
+ volume:
+ description: volume is a string that references
+ an already created Quobyte volume by name.
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ description: |-
+ rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
+ More info: https://examples.k8s.io/volumes/rbd/README.md
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ image:
+ description: |-
+ image is the rados image name.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ keyring:
+ description: |-
+ keyring is the path to key ring for RBDUser.
+ Default is /etc/ceph/keyring.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ monitors:
+ description: |-
+ monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ items:
+ type: string
+ type: array
+ pool:
+ description: |-
+ pool is the rados pool name.
+ Default is rbd.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is name of the authentication secret for RBDUser. If provided
+ overrides keyring.
+ Default is nil.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ description: |-
+ user is the rados user name.
+ Default is admin.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ description: scaleIO represents a ScaleIO persistent
+ volume attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs".
+ Default is "xfs".
+ type: string
+ gateway:
+ description: gateway is the host address of the
+ ScaleIO API Gateway.
+ type: string
+ protectionDomain:
+ description: protectionDomain is the name of the
+ ScaleIO Protection Domain for the configured storage.
+ type: string
+ readOnly:
+ description: |-
+ readOnly Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef references to the secret for ScaleIO user and other
+ sensitive information. If this is not provided, Login operation will fail.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ sslEnabled:
+ description: sslEnabled Flag enable/disable SSL
+ communication with Gateway, default false
+ type: boolean
+ storageMode:
+ description: |-
+ storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
+ type: string
+ storagePool:
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
+ type: string
+ system:
+ description: system is the name of the storage system
+ as configured in ScaleIO.
+ type: string
+ volumeName:
+ description: |-
+ volumeName is the name of a volume already created in the ScaleIO system
+ that is associated with this volume source.
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ description: |-
+ secret represents a secret that should populate this volume.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode is Optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values
+ for mode bits. Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: |-
+ items If unspecified, each key-value pair in the Data field of the referenced
+ Secret will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the Secret,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ description: optional field specify whether the
+ Secret or its keys must be defined
+ type: boolean
+ secretName:
+ description: |-
+ secretName is the name of the secret in the pod's namespace to use.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
+ type: string
+ type: object
+ storageos:
+ description: storageOS represents a StorageOS volume
+ attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef specifies the secret to use for obtaining the StorageOS API
+ credentials. If not specified, default values will be attempted.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeName:
+ description: |-
+ volumeName is the human-readable name of the StorageOS volume. Volume
+ names are only unique within a namespace.
+ type: string
+ volumeNamespace:
+ description: |-
+ volumeNamespace specifies the scope of the volume within StorageOS. If no
+ namespace is specified then the Pod's namespace will be used. This allows the
+ Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
+ Set VolumeName to any name to override the default behaviour.
+ Set to "default" if you are not using namespaces within StorageOS.
+ Namespaces that do not pre-exist within StorageOS will be created.
+ type: string
+ type: object
+ vsphereVolume:
+ description: vsphereVolume represents a vSphere volume
+ attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: |-
+ fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ storagePolicyID:
+ description: storagePolicyID is the storage Policy
+ Based Management (SPBM) profile ID associated
+ with the StoragePolicyName.
+ type: string
+ storagePolicyName:
+ description: storagePolicyName is the storage Policy
+ Based Management (SPBM) profile name.
+ type: string
+ volumePath:
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - containers
+ type: object
+ type: object
+ traits:
+ description: the traits needed to run this Integration
+ properties:
+ 3scale:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ addons:
+ additionalProperties:
+ description: AddonTrait represents the configuration of an addon
+ trait.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ description: The extension point with addon traits
+ type: object
+ affinity:
+ description: The configuration of Affinity trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodeAffinityLabels:
+ description: Defines a set of nodes the integration pod(s)
+ are eligible to be scheduled on, based on labels on the
+ node.
+ items:
+ type: string
+ type: array
+ podAffinity:
+ description: Always co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should be co-located with.
+ items:
+ type: string
+ type: array
+ podAntiAffinity:
+ description: Never co-locates multiple replicas of the integration
+ in the same node (default `false`).
+ type: boolean
+ podAntiAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should not be co-located with.
+ items:
+ type: string
+ type: array
+ type: object
+ builder:
+ description: The configuration of Builder trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: When using `pod` strategy, annotation to use
+ for the builder pod.
+ type: object
+ baseImage:
+ description: |-
+ Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
+ installed and ready to use on path (ie `/usr/bin/java`).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ incrementalImageBuild:
+ description: Use the incremental image build option, to reuse
+ existing containers (default `true`)
+ type: boolean
+ limitCPU:
+ description: |-
+ When using `pod` strategy, the maximum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ limitMemory:
+ description: |-
+ When using `pod` strategy, the maximum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ mavenProfiles:
+ description: |-
+ A list of references pointing to configmaps/secrets that contains a maven profile.
+ This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
+ The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
+ items:
+ type: string
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: Defines a set of nodes the builder pod is eligible
+ to be scheduled on, based on labels on the node.
+ type: object
+ orderStrategy:
+ description: The build order strategy to use, either `dependencies`,
+ `fifo` or `sequential` (default is the platform default)
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of manifest platforms to use to build
+ a container image (default `linux/amd64`).
+ items:
+ type: string
+ type: array
+ properties:
+ description: A list of properties to be provided to the build
+ task
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: |-
+ When using `pod` strategy, the minimum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ requestMemory:
+ description: |-
+ When using `pod` strategy, the minimum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ strategy:
+ description: The strategy to use, either `pod` or `routine`
+ (default `routine`)
+ enum:
+ - pod
+ - routine
+ type: string
+ tasks:
+ description: A list of tasks to be executed (available only
+ when using `pod` strategy) with format `;;`.
+ items:
+ type: string
+ type: array
+ tasksFilter:
+ description: |-
+ A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
+ Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
+ if you need to execute them. Useful only with `pod` strategy.
+ type: string
+ tasksLimitCPU:
+ description: A list of limit cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksLimitMemory:
+ description: A list of limit memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestCPU:
+ description: A list of request cpu configuration for the specific
+ task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestMemory:
+ description: A list of request memory configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ verbose:
+ description: |-
+ Enable verbose logging on build components that support it (e.g. Kaniko build pod).
+ Deprecated no longer in use
+ type: boolean
+ type: object
+ camel:
+ description: The configuration of Camel trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ properties:
+ description: A list of properties to be provided to the Integration
+ runtime
+ items:
+ type: string
+ type: array
+ runtimeVersion:
+ description: |-
+ The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
+ You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
+ to the best matching Catalog existing on the cluster.
+ type: string
+ type: object
+ container:
+ description: The configuration of Container trait
+ properties:
+ allowPrivilegeEscalation:
+ description: Security Context AllowPrivilegeEscalation configuration
+ (default false).
+ type: boolean
+ auto:
+ description: To automatically enable the trait
+ type: boolean
+ capabilitiesAdd:
+ description: Security Context Capabilities Add configuration
+ (default none).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ capabilitiesDrop:
+ description: Security Context Capabilities Drop configuration
+ (default ALL).
+ items:
+ description: Capability represent POSIX capabilities type
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ expose:
+ description: Can be used to enable/disable exposure via kubernetes
+ Service.
+ type: boolean
+ image:
+ description: |-
+ The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
+ won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
+ Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
+ type: string
+ imagePullPolicy:
+ description: 'The pull policy: Always|Never|IfNotPresent'
+ enum:
+ - Always
+ - Never
+ - IfNotPresent
+ type: string
+ limitCPU:
+ description: The maximum amount of CPU to be provided (default
+ 500 millicores).
+ type: string
+ limitMemory:
+ description: The maximum amount of memory to be provided (default
+ 512 Mi).
+ type: string
+ name:
+ description: The main container name. It's named `integration`
+ by default.
+ type: string
+ port:
+ description: To configure a different port exposed by the
+ container (default `8080`).
+ type: integer
+ portName:
+ description: To configure a different port name for the port
+ exposed by the container. It defaults to `http` only when
+ the `expose` parameter is true.
+ type: string
+ requestCPU:
+ description: The minimum amount of CPU required (default 125
+ millicores).
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required (default
+ 128 Mi).
+ type: string
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ servicePort:
+ description: To configure under which service port the container
+ port is to be exposed (default `80`).
+ type: integer
+ servicePortName:
+ description: To configure under which service port name the
+ container port is to be exposed (default `http`).
+ type: string
+ type: object
+ cron:
+ description: The configuration of Cron trait
+ properties:
+ activeDeadlineSeconds:
+ description: |-
+ Specifies the duration in seconds, relative to the start time, that the job
+ may be continuously active before it is considered to be failed.
+ It defaults to 60s.
+ format: int64
+ type: integer
+ auto:
+ description: |-
+ Automatically deploy the integration as CronJob when all routes are
+ either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
+
+
+ It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
+ while `35m` or `50s` cannot).
+ type: boolean
+ backoffLimit:
+ description: |-
+ Specifies the number of retries before marking the job failed.
+ It defaults to 2.
+ format: int32
+ type: integer
+ components:
+ description: |-
+ A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
+ A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
+ activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
+
+
+ Supported components are currently: `cron`, `timer` and `quartz`.
+ type: string
+ concurrencyPolicy:
+ description: |-
+ Specifies how to treat concurrent executions of a Job.
+ Valid values are:
+ - "Allow": allows CronJobs to run concurrently;
+ - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
+ - "Replace": cancels currently running job and replaces it with a new one
+ enum:
+ - Allow
+ - Forbid
+ - Replace
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ fallback:
+ description: |-
+ Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
+ as Kubernetes CronJob.
+ type: boolean
+ schedule:
+ description: |-
+ The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
+ mechanism to work correctly.
+ type: string
+ startingDeadlineSeconds:
+ description: |-
+ Optional deadline in seconds for starting the job if it misses scheduled
+ time for any reason. Missed jobs executions will be counted as failed ones.
+ format: int64
+ type: integer
+ timeZone:
+ description: The timezone that the CronJob will run on
+ type: string
+ type: object
+ dependencies:
+ description: The configuration of Dependencies trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ deployer:
+ description: The configuration of Deployer trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ kind:
+ description: Allows to explicitly select the desired deployment
+ kind between `deployment`, `cron-job` or `knative-service`
+ when creating the resources for running the integration.
+ enum:
+ - deployment
+ - cron-job
+ - knative-service
+ type: string
+ useSSA:
+ description: |-
+ Use server-side apply to update the owned resources (default `true`).
+ Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
+ type: boolean
+ type: object
+ deployment:
+ description: The configuration of Deployment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ progressDeadlineSeconds:
+ description: |-
+ The maximum time in seconds for the deployment to make progress before it
+ is considered to be failed. It defaults to `60s`.
+ format: int32
+ type: integer
+ rollingUpdateMaxSurge:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be scheduled above the desired number of
+ pods.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ This can not be 0 if MaxUnavailable is 0.
+ Absolute number is calculated from percentage by rounding up.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ rollingUpdateMaxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be unavailable during the update.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ Absolute number is calculated from percentage by rounding down.
+ This can not be 0 if MaxSurge is 0.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ strategy:
+ description: The deployment strategy to use to replace existing
+ pods with new ones.
+ enum:
+ - Recreate
+ - RollingUpdate
+ type: string
+ type: object
+ environment:
+ description: The configuration of Environment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ containerMeta:
+ description: Enables injection of `NAMESPACE` and `POD_NAME`
+ environment variables (default `true`)
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ httpProxy:
+ description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
+ `NO_PROXY` environment variables (default `true`)
+ type: boolean
+ vars:
+ description: |-
+ A list of environment variables to be added to the integration container.
+ The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
+ These take precedence over the previously defined environment variables.
+ items:
+ type: string
+ type: array
+ type: object
+ error-handler:
+ description: The configuration of Error Handler trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ ref:
+ description: The error handler ref name provided or found
+ in application properties
+ type: string
+ type: object
+ gc:
+ description: The configuration of GC trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryCache:
+ description: |-
+ Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
+ Deprecated: to be removed from trait configuration.
+ enum:
+ - disabled
+ - disk
+ - memory
+ type: string
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ health:
+ description: The configuration of Health trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ livenessFailureThreshold:
+ description: Minimum consecutive failures for the liveness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ livenessInitialDelay:
+ description: Number of seconds after the container has started
+ before the liveness probe is initiated.
+ format: int32
+ type: integer
+ livenessPeriod:
+ description: How often to perform the liveness probe.
+ format: int32
+ type: integer
+ livenessProbe:
+ description: The liveness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ livenessProbeEnabled:
+ description: Configures the liveness probe for the integration
+ container (default `false`).
+ type: boolean
+ livenessScheme:
+ description: Scheme to use when connecting to the liveness
+ probe (default `HTTP`).
+ type: string
+ livenessSuccessThreshold:
+ description: Minimum consecutive successes for the liveness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ livenessTimeout:
+ description: Number of seconds after which the liveness probe
+ times out.
+ format: int32
+ type: integer
+ readinessFailureThreshold:
+ description: Minimum consecutive failures for the readiness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ readinessInitialDelay:
+ description: Number of seconds after the container has started
+ before the readiness probe is initiated.
+ format: int32
+ type: integer
+ readinessPeriod:
+ description: How often to perform the readiness probe.
+ format: int32
+ type: integer
+ readinessProbe:
+ description: The readiness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ readinessProbeEnabled:
+ description: Configures the readiness probe for the integration
+ container (default `true`).
+ type: boolean
+ readinessScheme:
+ description: Scheme to use when connecting to the readiness
+ probe (default `HTTP`).
+ type: string
+ readinessSuccessThreshold:
+ description: Minimum consecutive successes for the readiness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ readinessTimeout:
+ description: Number of seconds after which the readiness probe
+ times out.
+ format: int32
+ type: integer
+ startupFailureThreshold:
+ description: Minimum consecutive failures for the startup
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ startupInitialDelay:
+ description: Number of seconds after the container has started
+ before the startup probe is initiated.
+ format: int32
+ type: integer
+ startupPeriod:
+ description: How often to perform the startup probe.
+ format: int32
+ type: integer
+ startupProbe:
+ description: The startup probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ startupProbeEnabled:
+ description: Configures the startup probe for the integration
+ container (default `false`).
+ type: boolean
+ startupScheme:
+ description: Scheme to use when connecting to the startup
+ probe (default `HTTP`).
+ type: string
+ startupSuccessThreshold:
+ description: Minimum consecutive successes for the startup
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ startupTimeout:
+ description: Number of seconds after which the startup probe
+ times out.
+ format: int32
+ type: integer
+ type: object
+ ingress:
+ description: The configuration of Ingress trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to the ingress.
+ This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
+ See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ type: object
+ auto:
+ description: To automatically add an ingress whenever the
+ integration uses an HTTP endpoint consumer.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the ingress.
+ type: string
+ path:
+ description: To configure the path exposed by the ingress
+ (default `/`).
+ type: string
+ pathType:
+ description: |-
+ To configure the path type exposed by the ingress.
+ One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
+ enum:
+ - Exact
+ - Prefix
+ - ImplementationSpecific
+ type: string
+ tlsHosts:
+ description: To configure tls hosts
+ items:
+ type: string
+ type: array
+ tlsSecretName:
+ description: To configure tls secret name
+ type: string
+ type: object
+ istio:
+ description: The configuration of Istio trait
+ properties:
+ allow:
+ description: Configures a (comma-separated) list of CIDR subnets
+ that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
+ by default).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ inject:
+ description: Forces the value for labels `sidecar.istio.io/inject`.
+ By default the label is set to `true` on deployment and
+ not set on Knative Service.
+ type: boolean
+ type: object
+ jolokia:
+ description: The configuration of Jolokia trait
+ properties:
+ CACert:
+ description: |-
+ The PEM encoded CA certification file path, used to verify client certificates,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
+ type: string
+ clientPrincipal:
+ description: |-
+ The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryEnabled:
+ description: Listen for multicast requests (default `false`)
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ extendedClientCheck:
+ description: |-
+ Mandate the client certificate contains a client flag in the extended key usage section,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `true` for OpenShift).
+ type: boolean
+ host:
+ description: |-
+ The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
+ the servers binds to every network interface (default `"*"`).
+ type: string
+ options:
+ description: |-
+ A list of additional Jolokia options as defined
+ in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
+ items:
+ type: string
+ type: array
+ password:
+ description: The password used for authentication, applicable
+ when the `user` option is set.
+ type: string
+ port:
+ description: The Jolokia endpoint port (default `8778`).
+ type: integer
+ protocol:
+ description: The protocol to use, either `http` or `https`
+ (default `https` for OpenShift)
+ type: string
+ useSSLClientAuthentication:
+ description: Whether client certificates should be used for
+ authentication (default `true` for OpenShift).
+ type: boolean
+ user:
+ description: The user to be used for authentication
+ type: string
+ type: object
+ jvm:
+ description: The configuration of JVM trait
+ properties:
+ classpath:
+ description: Additional JVM classpath (use `Linux` classpath
+ separator)
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ debug:
+ description: Activates remote debugging, so that a debugger
+ can be attached to the JVM, e.g., using port-forwarding
+ type: boolean
+ debugAddress:
+ description: Transport address at which to listen for the
+ newly launched JVM (default `*:5005`)
+ type: string
+ debugSuspend:
+ description: Suspends the target JVM immediately before the
+ main class is loaded
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ jar:
+ description: The Jar dependency which will run the application.
+ Leave it empty for managed Integrations.
+ type: string
+ options:
+ description: A list of JVM options
+ items:
+ type: string
+ type: array
+ printCommand:
+ description: |-
+ Prints the command used the start the JVM in the container logs (default `true`)
+ Deprecated: no longer in use.
+ type: boolean
+ type: object
+ kamelets:
+ description: The configuration of Kamelets trait
+ properties:
+ auto:
+ description: Automatically inject all referenced Kamelets
+ and their default configuration (enabled by default)
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ list:
+ description: Comma separated list of Kamelet names to load
+ into the current integration
+ type: string
+ mountPoint:
+ description: The directory where the application mounts and
+ reads Kamelet spec (default `/etc/camel/kamelets`)
+ type: string
+ type: object
+ keda:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ knative:
+ description: The configuration of Knative trait
+ properties:
+ auto:
+ description: Enable automatic discovery of all trait properties.
+ type: boolean
+ channelSinks:
+ description: |-
+ List of channels used as destination of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ channelSources:
+ description: |-
+ List of channels used as source of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ config:
+ description: Can be used to inject a Knative complete configuration
+ in JSON format.
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ endpointSinks:
+ description: |-
+ List of endpoints used as destination of integration routes.
+ Can contain simple endpoint names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ endpointSources:
+ description: List of channels used as source of integration
+ routes.
+ items:
+ type: string
+ type: array
+ eventSinks:
+ description: |-
+ List of event types that the integration will produce.
+ Can contain simple event types or full Camel URIs (to use a specific broker).
+ items:
+ type: string
+ type: array
+ eventSources:
+ description: |-
+ List of event types that the integration will be subscribed to.
+ Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
+ items:
+ type: string
+ type: array
+ filterEventType:
+ description: |-
+ Enables the default filtering for the Knative trigger using the event type
+ If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
+ type: boolean
+ filterSourceChannels:
+ description: |-
+ Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
+ Knative, filtering is disabled by default.
+ type: boolean
+ filters:
+ description: |-
+ Sets filter attributes on the event stream (such as event type, source, subject and so on).
+ A list of key-value pairs that represent filter attributes and its values.
+ The syntax is KEY=VALUE, e.g., `source="my.source"`.
+ Filter attributes get set on the Knative trigger that is being created as part of this integration.
+ items:
+ type: string
+ type: array
+ namespaceLabel:
+ description: |-
+ Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
+ As Knative requires this label to perform injection of K_SINK URL into the service.
+ If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
+ type: boolean
+ sinkBinding:
+ description: |-
+ Allows binding the integration to a sink via a Knative SinkBinding resource.
+ This can be used when the integration targets a single sink.
+ It's enabled by default when the integration targets a single sink
+ (except when the integration is owned by a Knative source).
+ type: boolean
+ type: object
+ knative-service:
+ description: The configuration of Knative Service trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set knative service specific annotations
+ CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ auto:
+ description: |-
+ Automatically deploy the integration as Knative service when all conditions hold:
+
+
+ * Integration is using the Knative profile
+ * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
+ type: boolean
+ autoscalingMetric:
+ description: |-
+ Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ type: string
+ autoscalingTarget:
+ description: |-
+ Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ class:
+ description: |-
+ Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - kpa.autoscaling.knative.dev
+ - hpa.autoscaling.knative.dev
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxScale:
+ description: |-
+ An upper bound for the number of Pods that can be running in parallel for the integration.
+ Knative has its own cap value that depends on the installation.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ minScale:
+ description: |-
+ The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
+ the integration is scaled down to zero when not used for a configured amount of time.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ rolloutDuration:
+ description: |-
+ Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
+ It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
+ rounded to a second precision.
+ type: string
+ timeoutSeconds:
+ description: |-
+ The maximum duration in seconds that the request instance is allowed to respond to a request.
+ This field propagates to the integration pod's terminationGracePeriodSeconds
+
+
+ Refer to the Knative documentation for more information.
+ format: int64
+ type: integer
+ visibility:
+ description: |-
+ Setting `cluster-local`, Knative service becomes a private service.
+ Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - cluster-local
+ type: string
+ type: object
+ logging:
+ description: The configuration of Logging trait
+ properties:
+ color:
+ description: Colorize the log output
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ format:
+ description: Logs message format
+ type: string
+ json:
+ description: Output the logs in JSON
+ type: boolean
+ jsonPrettyPrint:
+ description: Enable "pretty printing" of the JSON logs
+ type: boolean
+ level:
+ description: Adjust the logging level (defaults to `INFO`)
+ enum:
+ - FATAL
+ - WARN
+ - INFO
+ - DEBUG
+ - TRACE
+ type: string
+ type: object
+ master:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ mount:
+ description: The configuration of Mount trait
+ properties:
+ configs:
+ description: |-
+ A list of configuration pointing to configmap/secret.
+ The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
+ They are also made available on the classpath in order to ease their usage directly from the Route.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ emptyDirs:
+ description: 'A list of EmptyDir volumes to be mounted. Syntax:
+ [name:/container/path]'
+ items:
+ type: string
+ type: array
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ hotReload:
+ description: |-
+ Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
+ marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
+ changes in metadata.
+ type: boolean
+ resources:
+ description: |-
+ A list of resources (text or binary content) pointing to configmap/secret.
+ The resources are expected to be any resource type (text or binary content).
+ The destination path can be either a default location or any path specified by the user.
+ Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
+ items:
+ type: string
+ type: array
+ scanKameletsImplicitLabelSecrets:
+ description: |-
+ Deprecated: include your properties in an explicit property file backed by a secret.
+ Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
+ These secrets are mounted to the application and treated as plain properties file with their key/value list
+ (ie .spec.data["camel.my-property"] = my-value) (default `true`).
+ type: boolean
+ volumes:
+ description: 'A list of Persistent Volume Claims to be mounted.
+ Syntax: [pvcname:/container/path]'
+ items:
+ type: string
+ type: array
+ type: object
+ openapi:
+ description: The configuration of OpenAPI trait
+ properties:
+ configmaps:
+ description: The configmaps holding the spec of the OpenAPI
+ (compatible with > 3.0 spec only).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ owner:
+ description: The configuration of Owner trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ targetAnnotations:
+ description: The set of annotations to be transferred
+ items:
+ type: string
+ type: array
+ targetLabels:
+ description: The set of labels to be transferred
+ items:
+ type: string
+ type: array
+ type: object
+ pdb:
+ description: The configuration of PDB trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ maxUnavailable:
+ description: |-
+ The number of pods for the Integration that can be unavailable after an eviction.
+ It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
+ Only one of `max-unavailable` and `min-available` can be specified.
+ type: string
+ minAvailable:
+ description: |-
+ The number of pods for the Integration that must still be available after an eviction.
+ It can be either an absolute number or a percentage.
+ Only one of `min-available` and `max-unavailable` can be specified.
+ type: string
+ type: object
+ platform:
+ description: The configuration of Platform trait
+ properties:
+ auto:
+ description: |-
+ To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ createDefault:
+ description: |-
+ To create a default (empty) platform when the platform is missing.
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ global:
+ description: |-
+ Indicates if the platform should be created globally in the case of global operator (default true).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ type: object
+ pod:
+ description: The configuration of Pod trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ prometheus:
+ description: The configuration of Prometheus trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ podMonitor:
+ description: Whether a `PodMonitor` resource is created (default
+ `true`).
+ type: boolean
+ podMonitorLabels:
+ description: The `PodMonitor` resource labels, applicable
+ when `pod-monitor` is `true`.
+ items:
+ type: string
+ type: array
+ type: object
+ pull-secret:
+ description: The configuration of Pull Secret trait
+ properties:
+ auto:
+ description: Automatically configures the platform registry
+ secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ imagePullerDelegation:
+ description: When using a global operator with a shared platform,
+ this enables delegation of the `system:image-puller` cluster
+ role on the operator namespace to the integration service
+ account.
+ type: boolean
+ secretName:
+ description: The pull secret name to set on the Pod. If left
+ empty this is automatically taken from the `IntegrationPlatform`
+ registry configuration.
+ type: string
+ type: object
+ quarkus:
+ description: The configuration of Quarkus trait
+ properties:
+ buildMode:
+ description: |-
+ The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
+ In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
+ with the `native` kit having precedence over the `jvm` one once ready.
+ items:
+ description: QuarkusMode is the type of Quarkus build packaging.
+ enum:
+ - jvm
+ - native
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ nativeBaseImage:
+ description: The base image to use when running a native build
+ (default `quay.io/quarkus/quarkus-micro-image:2.0`)
+ type: string
+ nativeBuilderImage:
+ description: The image containing the tooling required for
+ a native build (by default it will use the one provided
+ in the runtime catalog)
+ type: string
+ packageTypes:
+ description: |-
+ The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
+ In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
+ with the native kit having precedence over the `fast-jar` one once ready.
+ The order influences the resolution of the current kit for the integration.
+ The kit corresponding to the first package type will be assigned to the
+ integration in case no existing kit that matches the integration exists.
+ Deprecated: use `build-mode` instead.
+ items:
+ description: |-
+ QuarkusPackageType is the type of Quarkus build packaging.
+ Deprecated: use `QuarkusMode` instead.
+ enum:
+ - fast-jar
+ - native
+ type: string
+ type: array
+ type: object
+ registry:
+ description: |-
+ The configuration of Registry trait (support removed since version 2.5.0).
+ Deprecated: use jvm trait or read documentation.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ type: object
+ route:
+ description: The configuration of Route trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set route specific annotations
+ For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
+ CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the route.
+ type: string
+ tlsCACertificate:
+ description: |-
+ The TLS CA certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCACertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificate:
+ description: |-
+ The TLS certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificate:
+ description: |-
+ The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
+ termination this file should be provided in order to have routers use it for health checks on the secure connection.
+ If this field is not specified, the router may provide its own destination CA and perform hostname validation using
+ the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
+ verify.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificateSecret:
+ description: |-
+ The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsInsecureEdgeTerminationPolicy:
+ description: |-
+ To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - None
+ - Allow
+ - Redirect
+ type: string
+ tlsKey:
+ description: |-
+ The TLS certificate key contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsKeySecret:
+ description: |-
+ The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsTermination:
+ description: |-
+ The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - edge
+ - reencrypt
+ - passthrough
+ type: string
+ type: object
+ security-context:
+ description: The configuration of Security Context trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration (default
+ false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration (default
+ none): this value is automatically retrieved in Openshift
+ clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ type: object
+ service:
+ description: The configuration of Service trait
+ properties:
+ auto:
+ description: To automatically detect from the code if a Service
+ needs to be created.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ nodePort:
+ description: |-
+ Enable Service to be exposed as NodePort (default `false`).
+ Deprecated: Use service type instead.
+ type: boolean
+ type:
+ description: The type of service to be used, either 'ClusterIP',
+ 'NodePort' or 'LoadBalancer'.
+ enum:
+ - ClusterIP
+ - NodePort
+ - LoadBalancer
+ type: string
+ type: object
+ service-binding:
+ description: The configuration of Service Binding trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ services:
+ description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
+ items:
+ type: string
+ type: array
+ type: object
+ strimzi:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ toleration:
+ description: The configuration of Toleration trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait. All
+ traits share this common property.
+ type: boolean
+ taints:
+ description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
+ items:
+ type: string
+ type: array
+ type: object
+ tracing:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ status:
+ description: the status of the Integration
+ properties:
+ capabilities:
+ description: features offered by the Integration
+ items:
+ type: string
+ type: array
+ conditions:
+ description: a list of events happened for the Integration
+ items:
+ description: IntegrationCondition describes the state of a resource
+ at a certain point.
+ properties:
+ firstTruthyTime:
+ description: First time the condition status transitioned to
+ True.
+ format: date-time
+ type: string
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ pods:
+ description: Pods collect health and conditions information
+ from the owned PODs
+ items:
+ properties:
+ condition:
+ description: PodCondition contains details for the current
+ condition of this pod.
+ properties:
+ lastProbeTime:
+ description: Last time we probed the condition.
+ format: date-time
+ type: string
+ lastTransitionTime:
+ description: Last time the condition transitioned
+ from one status to another.
+ format: date-time
+ type: string
+ message:
+ description: Human-readable message indicating details
+ about last transition.
+ type: string
+ reason:
+ description: Unique, one-word, CamelCase reason for
+ the condition's last transition.
+ type: string
+ status:
+ description: |-
+ Status is the status of the condition.
+ Can be True, False, Unknown.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ type: string
+ type:
+ description: |-
+ Type is the type of the condition.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ health:
+ items:
+ properties:
+ data:
+ description: |-
+ RawMessage is a raw encoded JSON value.
+ It implements Marshaler and Unmarshaler and can
+ be used to delay JSON decoding or precompute a JSON encoding.
+ x-kubernetes-preserve-unknown-fields: true
+ name:
+ type: string
+ status:
+ type: string
+ type: object
+ type: array
+ name:
+ type: string
+ required:
+ - condition
+ type: object
+ type: array
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of integration condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ configuration:
+ description: |-
+ Deprecated:
+ a list of configuration specification
+ items:
+ description: ConfigurationSpec represents a generic configuration
+ specification.
+ properties:
+ type:
+ description: 'represents the type of configuration, ie: property,
+ configmap, secret, ...'
+ type: string
+ value:
+ description: the value to assign to the configuration (syntax
+ may vary depending on the `Type`)
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ description: a list of dependencies needed by the application
+ items:
+ type: string
+ type: array
+ digest:
+ description: the digest calculated for this Integration
+ type: string
+ generatedSources:
+ description: a list of sources generated for this Integration
+ items:
+ description: SourceSpec defines the configuration for one or more
+ routes to be executed in a certain Camel DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64 encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel DSL) used
+ to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the source (e.g.
+ if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by this
+ object
+ type: string
+ type: object
+ type: array
+ image:
+ description: the container image used
+ type: string
+ integrationKit:
+ description: the reference of the `IntegrationKit` which is used for
+ this Integration
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ lastInitTimestamp:
+ description: the timestamp representing the last time when this integration
+ was initialized.
+ format: date-time
+ type: string
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this Integration.
+ format: int64
+ type: integer
+ phase:
+ description: the actual phase
+ type: string
+ platform:
+ description: The IntegrationPlatform watching this Integration
+ type: string
+ profile:
+ description: the profile needed to run this Integration
+ type: string
+ replicas:
+ description: the number of replicas
+ format: int32
+ type: integer
+ runtimeProvider:
+ description: the runtime provider targeted for this Integration
+ type: string
+ runtimeVersion:
+ description: the runtime version targeted for this Integration
+ type: string
+ selector:
+ description: label selector
+ type: string
+ version:
+ description: the operator version
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ scale:
+ labelSelectorPath: .status.selector
+ specReplicasPath: .spec.replicas
+ statusReplicasPath: .status.replicas
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: kameletbindings.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: KameletBinding
+ listKind: KameletBindingList
+ plural: kameletbindings
+ shortNames:
+ - klb
+ singular: kameletbinding
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The Kamelet Binding phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The number of pods
+ jsonPath: .status.replicas
+ name: Replicas
+ type: integer
+ deprecated: true
+ deprecationWarning: v1apha1.KameletBinding is deprecated, please, use v1.Pipe
+ instead
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: KameletBinding is the Schema for the kamelets binding API.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: the specification of a KameletBinding
+ properties:
+ errorHandler:
+ description: ErrorHandler is an optional handler called upon an error
+ occurring in the integration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ integration:
+ description: Integration is an optional integration used to specify
+ custom parameters
+ properties:
+ configuration:
+ description: |-
+ Deprecated:
+ Use camel trait (camel.properties) to manage properties
+ Use mount trait (mount.configs) to manage configs
+ Use mount trait (mount.resources) to manage resources
+ Use mount trait (mount.volumes) to manage volumes
+ items:
+ description: ConfigurationSpec represents a generic configuration
+ specification.
+ properties:
+ type:
+ description: 'represents the type of configuration, ie:
+ property, configmap, secret, ...'
+ type: string
+ value:
+ description: the value to assign to the configuration (syntax
+ may vary depending on the `Type`)
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ description: the list of Camel or Maven dependencies required
+ by the Integration
+ items:
+ type: string
+ type: array
+ flows:
+ description: a source in YAML DSL language which contain the routes
+ to run
+ items:
+ description: Flow is an unstructured object representing a Camel
+ Flow in YAML/JSON DSL.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ integrationKit:
+ description: the reference of the `IntegrationKit` which is used
+ for this Integration
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ profile:
+ description: the profile needed to run this Integration
+ type: string
+ replicas:
+ description: the number of `Pods` needed for the running Integration
+ format: int32
+ type: integer
+ repositories:
+ description: additional Maven repositories to be used
+ items:
+ type: string
+ type: array
+ serviceAccountName:
+ description: custom SA to use for the Integration
+ type: string
+ sources:
+ description: the sources which contain the Camel routes to run
+ items:
+ description: SourceSpec defines the configuration for one or
+ more routes to be executed in a certain Camel DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64 encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel DSL) used
+ to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the source
+ (e.g. if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by
+ this object
+ type: string
+ type: object
+ type: array
+ template:
+ description: Pod template customization
+ properties:
+ spec:
+ description: the specification
+ properties:
+ activeDeadlineSeconds:
+ description: ActiveDeadlineSeconds
+ format: int64
+ type: integer
+ automountServiceAccountToken:
+ description: AutomountServiceAccountToken
+ type: boolean
+ containers:
+ description: Containers
+ items:
+ description: A single application container that you
+ want to run within a pod.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The container image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The container image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management to default or override
+ container images in workload controllers like Deployments and StatefulSets.
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: |-
+ Actions that the management system should take in response to container lifecycle events.
+ Cannot be updated.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: |-
+ Periodic probe of container liveness.
+ Container will be restarted if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: |-
+ List of ports to expose from the container. Not specifying a port here
+ DOES NOT prevent that port from being exposed. Any port which is
+ listening on the default "0.0.0.0" address inside a container will be
+ accessible from the network.
+ Modifying this array with strategic merge patch may corrupt the data.
+ For more information See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: |-
+ Periodic probe of container service readiness.
+ Container will be removed from service endpoints if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents
+ resource resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Compute Resources required by this container.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one
+ entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ RestartPolicy defines the restart behavior of individual containers in a pod.
+ This field may only be set for init containers, and the only allowed value is "Always".
+ For non-init containers or when this field is not specified,
+ the restart behavior is defined by the Pod's restart policy and the container type.
+ Setting the RestartPolicy as "Always" for the init container will have the following effect:
+ this init container will be continually restarted on
+ exit until all regular containers have terminated. Once all regular
+ containers have completed, all init containers with restartPolicy "Always"
+ will be shut down. This lifecycle differs from normal init containers and
+ is often referred to as a "sidecar" container. Although this init
+ container still starts in the init container sequence, it does not wait
+ for the container to complete before proceeding to the next init
+ container. Instead, the next init container starts immediately after this
+ init container is started, or after any startupProbe has successfully
+ completed.
+ type: string
+ securityContext:
+ description: |-
+ SecurityContext defines the security options the container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: |-
+ StartupProbe indicates that the Pod has successfully initialized.
+ If specified, no other probes are executed until this completes successfully.
+ If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
+ This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
+ when it might take a long time to load data or warm a cache, than during steady-state operation.
+ This cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsPolicy:
+ description: DNSPolicy
+ type: string
+ ephemeralContainers:
+ description: EphemeralContainers
+ items:
+ description: |-
+ An EphemeralContainer is a temporary container that you may add to an existing Pod for
+ user-initiated activities such as debugging. Ephemeral containers have no resource or
+ scheduling guarantees, and they will not be restarted when they exit or when a Pod is
+ removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
+ Pod to exceed its resource allocation.
+
+
+ To add an ephemeral container, use the ephemeralcontainers subresource of an existing
+ Pod. Ephemeral containers may not be removed or restarted.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: Lifecycle is not allowed for ephemeral
+ containers.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the ephemeral container specified as a DNS_LABEL.
+ This name must be unique among all containers, init containers and ephemeral containers.
+ type: string
+ ports:
+ description: Ports are not allowed for ephemeral
+ containers.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents
+ resource resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
+ already allocated to the pod.
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one
+ entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ Restart policy for the container to manage the restart behavior of each
+ container within a pod.
+ This may only be set for init containers. You cannot set this field on
+ ephemeral containers.
+ type: string
+ securityContext:
+ description: |-
+ Optional: SecurityContext defines the security options the ephemeral container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ targetContainerName:
+ description: |-
+ If set, the name of the container from PodSpec that this ephemeral container targets.
+ The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.
+ If not set then the ephemeral container uses the namespaces configured in the Pod spec.
+
+
+ The container runtime must implement support for this feature. If the runtime does not
+ support namespace targeting then the result of setting this field is undefined.
+ type: string
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ initContainers:
+ description: InitContainers
+ items:
+ description: A single application container that you
+ want to run within a pod.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The container image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The container image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management to default or override
+ container images in workload controllers like Deployments and StatefulSets.
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: |-
+ Actions that the management system should take in response to container lifecycle events.
+ Cannot be updated.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: |-
+ Periodic probe of container liveness.
+ Container will be restarted if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: |-
+ List of ports to expose from the container. Not specifying a port here
+ DOES NOT prevent that port from being exposed. Any port which is
+ listening on the default "0.0.0.0" address inside a container will be
+ accessible from the network.
+ Modifying this array with strategic merge patch may corrupt the data.
+ For more information See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: |-
+ Periodic probe of container service readiness.
+ Container will be removed from service endpoints if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents
+ resource resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Compute Resources required by this container.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one
+ entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ RestartPolicy defines the restart behavior of individual containers in a pod.
+ This field may only be set for init containers, and the only allowed value is "Always".
+ For non-init containers or when this field is not specified,
+ the restart behavior is defined by the Pod's restart policy and the container type.
+ Setting the RestartPolicy as "Always" for the init container will have the following effect:
+ this init container will be continually restarted on
+ exit until all regular containers have terminated. Once all regular
+ containers have completed, all init containers with restartPolicy "Always"
+ will be shut down. This lifecycle differs from normal init containers and
+ is often referred to as a "sidecar" container. Although this init
+ container still starts in the init container sequence, it does not wait
+ for the container to complete before proceeding to the next init
+ container. Instead, the next init container starts immediately after this
+ init container is started, or after any startupProbe has successfully
+ completed.
+ type: string
+ securityContext:
+ description: |-
+ SecurityContext defines the security options the container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: |-
+ StartupProbe indicates that the Pod has successfully initialized.
+ If specified, no other probes are executed until this completes successfully.
+ If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
+ This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
+ when it might take a long time to load data or warm a cache, than during steady-state operation.
+ This cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: NodeSelector
+ type: object
+ restartPolicy:
+ description: RestartPolicy
+ type: string
+ securityContext:
+ description: PodSecurityContext
+ properties:
+ fsGroup:
+ description: |-
+ A special supplemental group that applies to all containers in a pod.
+ Some volume types allow the Kubelet to change the ownership of that volume
+ to be owned by the pod:
+
+
+ 1. The owning GID will be the FSGroup
+ 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
+ 3. The permission bits are OR'd with rw-rw----
+
+
+ If unset, the Kubelet will not modify the ownership and permissions of any volume.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ fsGroupChangePolicy:
+ description: |-
+ fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
+ before being exposed inside Pod. This field will only apply to
+ volume types which support fsGroup based ownership(and permissions).
+ It will have no effect on ephemeral volume types such as: secret, configmaps
+ and emptydir.
+ Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence
+ for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence
+ for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to all containers.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in SecurityContext. If set in
+ both SecurityContext and PodSecurityContext, the value specified in SecurityContext
+ takes precedence for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label that
+ applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that
+ applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that
+ applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that
+ applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by the containers in this pod.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ supplementalGroups:
+ description: |-
+ A list of groups applied to the first process run in each container, in addition
+ to the container's primary GID, the fsGroup (if specified), and group memberships
+ defined in the container image for the uid of the container process. If unspecified,
+ no additional groups are added to any container. Note that group memberships
+ defined in the container image for the uid of the container process are still effective,
+ even if they are not included in this list.
+ Note that this field cannot be set when spec.os.name is windows.
+ items:
+ format: int64
+ type: integer
+ type: array
+ sysctls:
+ description: |-
+ Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
+ sysctls (by the container runtime) might fail to launch.
+ Note that this field cannot be set when spec.os.name is windows.
+ items:
+ description: Sysctl defines a kernel parameter to
+ be set
+ properties:
+ name:
+ description: Name of a property to set
+ type: string
+ value:
+ description: Value of a property to set
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options within a container's SecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ terminationGracePeriodSeconds:
+ description: TerminationGracePeriodSeconds
+ format: int64
+ type: integer
+ topologySpreadConstraints:
+ description: TopologySpreadConstraints
+ items:
+ description: TopologySpreadConstraint specifies how
+ to spread matching pods among the given topology.
+ properties:
+ labelSelector:
+ description: |-
+ LabelSelector is used to find matching pods.
+ Pods that match this label selector are counted to determine the number of pods
+ in their corresponding topology domain.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are
+ ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that
+ the selector applies to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ description: |-
+ MatchLabelKeys is a set of pod label keys to select the pods over which
+ spreading will be calculated. The keys are used to lookup values from the
+ incoming pod labels, those key-value labels are ANDed with labelSelector
+ to select the group of existing pods over which spreading will be calculated
+ for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
+ MatchLabelKeys cannot be set when LabelSelector isn't set.
+ Keys that don't exist in the incoming pod labels will
+ be ignored. A null or empty list means only match against labelSelector.
+
+
+ This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ maxSkew:
+ description: |-
+ MaxSkew describes the degree to which pods may be unevenly distributed.
+ When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
+ between the number of matching pods in the target topology and the global minimum.
+ The global minimum is the minimum number of matching pods in an eligible domain
+ or zero if the number of eligible domains is less than MinDomains.
+ For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
+ labelSelector spread as 2/2/1:
+ In this case, the global minimum is 1.
+ | zone1 | zone2 | zone3 |
+ | P P | P P | P |
+ - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
+ scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
+ violate MaxSkew(1).
+ - if MaxSkew is 2, incoming pod can be scheduled onto any zone.
+ When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
+ to topologies that satisfy it.
+ It's a required field. Default value is 1 and 0 is not allowed.
+ format: int32
+ type: integer
+ minDomains:
+ description: |-
+ MinDomains indicates a minimum number of eligible domains.
+ When the number of eligible domains with matching topology keys is less than minDomains,
+ Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
+ And when the number of eligible domains with matching topology keys equals or greater than minDomains,
+ this value has no effect on scheduling.
+ As a result, when the number of eligible domains is less than minDomains,
+ scheduler won't schedule more than maxSkew Pods to those domains.
+ If value is nil, the constraint behaves as if MinDomains is equal to 1.
+ Valid values are integers greater than 0.
+ When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
+
+
+ For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
+ labelSelector spread as 2/2/2:
+ | zone1 | zone2 | zone3 |
+ | P P | P P | P P |
+ The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
+ In this situation, new pod with the same labelSelector cannot be scheduled,
+ because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
+ it will violate MaxSkew.
+
+
+ This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+ format: int32
+ type: integer
+ nodeAffinityPolicy:
+ description: |-
+ NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
+ when calculating pod topology spread skew. Options are:
+ - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
+ - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
+
+
+ If this value is nil, the behavior is equivalent to the Honor policy.
+ This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
+ type: string
+ nodeTaintsPolicy:
+ description: |-
+ NodeTaintsPolicy indicates how we will treat node taints when calculating
+ pod topology spread skew. Options are:
+ - Honor: nodes without taints, along with tainted nodes for which the incoming pod
+ has a toleration, are included.
+ - Ignore: node taints are ignored. All nodes are included.
+
+
+ If this value is nil, the behavior is equivalent to the Ignore policy.
+ This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
+ type: string
+ topologyKey:
+ description: |-
+ TopologyKey is the key of node labels. Nodes that have a label with this key
+ and identical values are considered to be in the same topology.
+ We consider each as a "bucket", and try to put balanced number
+ of pods into each bucket.
+ We define a domain as a particular instance of a topology.
+ Also, we define an eligible domain as a domain whose nodes meet the requirements of
+ nodeAffinityPolicy and nodeTaintsPolicy.
+ e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
+ And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
+ It's a required field.
+ type: string
+ whenUnsatisfiable:
+ description: |-
+ WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
+ the spread constraint.
+ - DoNotSchedule (default) tells the scheduler not to schedule it.
+ - ScheduleAnyway tells the scheduler to schedule the pod in any location,
+ but giving higher precedence to topologies that would help reduce the
+ skew.
+ A constraint is considered "Unsatisfiable" for an incoming pod
+ if and only if every possible node assignment for that pod would violate
+ "MaxSkew" on some topology.
+ For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
+ labelSelector spread as 3/1/1:
+ | zone1 | zone2 | zone3 |
+ | P P P | P | P |
+ If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
+ to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
+ MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
+ won't make it *more* imbalanced.
+ It's a required field.
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ volumes:
+ description: Volumes
+ items:
+ description: Volume represents a named volume in a pod
+ that may be accessed by any container in the pod.
+ properties:
+ awsElasticBlockStore:
+ description: |-
+ awsElasticBlockStore represents an AWS Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ partition:
+ description: |-
+ partition is the partition in the volume that you want to mount.
+ If omitted, the default is to mount by volume name.
+ Examples: For volume /dev/sda1, you specify the partition as "1".
+ Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+ format: int32
+ type: integer
+ readOnly:
+ description: |-
+ readOnly value true will force the readOnly setting in VolumeMounts.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ type: boolean
+ volumeID:
+ description: |-
+ volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ description: azureDisk represents an Azure Data
+ Disk mount on the host and bind mount to the pod.
+ properties:
+ cachingMode:
+ description: 'cachingMode is the Host Caching
+ mode: None, Read Only, Read Write.'
+ type: string
+ diskName:
+ description: diskName is the Name of the data
+ disk in the blob storage
+ type: string
+ diskURI:
+ description: diskURI is the URI of data disk
+ in the blob storage
+ type: string
+ fsType:
+ description: |-
+ fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ kind:
+ description: 'kind expected values are Shared:
+ multiple blob disks per storage account Dedicated:
+ single blob disk per storage account Managed:
+ azure managed data disk (only in managed availability
+ set). defaults to shared'
+ type: string
+ readOnly:
+ description: |-
+ readOnly Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ description: azureFile represents an Azure File
+ Service mount on the host and bind mount to the
+ pod.
+ properties:
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretName:
+ description: secretName is the name of secret
+ that contains Azure Storage Account Name and
+ Key
+ type: string
+ shareName:
+ description: shareName is the azure share Name
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ description: cephFS represents a Ceph FS mount on
+ the host that shares a pod's lifetime
+ properties:
+ monitors:
+ description: |-
+ monitors is Required: Monitors is a collection of Ceph monitors
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ items:
+ type: string
+ type: array
+ path:
+ description: 'path is Optional: Used as the
+ mounted root, rather than the full Ceph tree,
+ default is /'
+ type: string
+ readOnly:
+ description: |-
+ readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: boolean
+ secretFile:
+ description: |-
+ secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: string
+ secretRef:
+ description: |-
+ secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ description: |-
+ user is optional: User is the rados user name, default is admin
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ description: |-
+ cinder represents a cinder volume attached and mounted on kubelets host machine.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is optional: points to a secret object containing parameters used to connect
+ to OpenStack.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeID:
+ description: |-
+ volumeID used to identify the volume in cinder.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ description: configMap represents a configMap that
+ should populate this volume
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode is optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ ConfigMap will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the ConfigMap,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ csi:
+ description: csi (Container Storage Interface) represents
+ ephemeral storage that is handled by certain external
+ CSI drivers (Beta feature).
+ properties:
+ driver:
+ description: |-
+ driver is the name of the CSI driver that handles this volume.
+ Consult with your admin for the correct name as registered in the cluster.
+ type: string
+ fsType:
+ description: |-
+ fsType to mount. Ex. "ext4", "xfs", "ntfs".
+ If not provided, the empty value is passed to the associated CSI driver
+ which will determine the default filesystem to apply.
+ type: string
+ nodePublishSecretRef:
+ description: |-
+ nodePublishSecretRef is a reference to the secret object containing
+ sensitive information to pass to the CSI driver to complete the CSI
+ NodePublishVolume and NodeUnpublishVolume calls.
+ This field is optional, and may be empty if no secret is required. If the
+ secret object contains more than one secret, all secret references are passed.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ readOnly:
+ description: |-
+ readOnly specifies a read-only configuration for the volume.
+ Defaults to false (read/write).
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ description: |-
+ volumeAttributes stores driver-specific properties that are passed to the CSI
+ driver. Consult your driver's documentation for supported values.
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ description: downwardAPI represents downward API
+ about the pod that should populate this volume
+ properties:
+ defaultMode:
+ description: |-
+ Optional: mode bits to use on created files by default. Must be a
+ Optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: Items is a list of downward API
+ volume file
+ items:
+ description: DownwardAPIVolumeFile represents
+ information to create the file containing
+ the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects a field
+ of the pod: only annotations, labels,
+ name and namespace are supported.'
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ description: |-
+ Optional: mode bits used to set permissions on this file, must be an octal value
+ between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path is the relative
+ path name of the file to be created.
+ Must not be absolute or contain the
+ ''..'' path. Must be utf-8 encoded.
+ The first item of the relative path
+ must not start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ description: |-
+ emptyDir represents a temporary directory that shares a pod's lifetime.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ properties:
+ medium:
+ description: |-
+ medium represents what type of storage medium should back this directory.
+ The default is "" which means to use the node's default medium.
+ Must be an empty string (default) or Memory.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ sizeLimit is the total amount of local storage required for this EmptyDir volume.
+ The size limit is also applicable for memory medium.
+ The maximum usage on memory medium EmptyDir would be the minimum value between
+ the SizeLimit specified here and the sum of memory limits of all containers in a pod.
+ The default is nil which means that the limit is undefined.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ description: |-
+ ephemeral represents a volume that is handled by a cluster storage driver.
+ The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
+ and deleted when the pod is removed.
+
+
+ Use this if:
+ a) the volume is only needed while the pod runs,
+ b) features of normal volumes like restoring from snapshot or capacity
+ tracking are needed,
+ c) the storage driver is specified through a storage class, and
+ d) the storage driver supports dynamic volume provisioning through
+ a PersistentVolumeClaim (see EphemeralVolumeSource for more
+ information on the connection between this volume type
+ and PersistentVolumeClaim).
+
+
+ Use PersistentVolumeClaim or one of the vendor-specific
+ APIs for volumes that persist for longer than the lifecycle
+ of an individual pod.
+
+
+ Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
+ be used that way - see the documentation of the driver for
+ more information.
+
+
+ A pod can use both types of ephemeral volumes and
+ persistent volumes at the same time.
+ properties:
+ volumeClaimTemplate:
+ description: |-
+ Will be used to create a stand-alone PVC to provision the volume.
+ The pod in which this EphemeralVolumeSource is embedded will be the
+ owner of the PVC, i.e. the PVC will be deleted together with the
+ pod. The name of the PVC will be `-` where
+ `` is the name from the `PodSpec.Volumes` array
+ entry. Pod validation will reject the pod if the concatenated name
+ is not valid for a PVC (for example, too long).
+
+
+ An existing PVC with that name that is not owned by the pod
+ will *not* be used for the pod to avoid using an unrelated
+ volume by mistake. Starting the pod is then blocked until
+ the unrelated PVC is removed. If such a pre-created PVC is
+ meant to be used by the pod, the PVC has to updated with an
+ owner reference to the pod once the pod exists. Normally
+ this should not be necessary, but it may be useful when
+ manually reconstructing a broken cluster.
+
+
+ This field is read-only and no changes will be made by Kubernetes
+ to the PVC after it has been created.
+
+
+ Required, must not be nil.
+ properties:
+ metadata:
+ description: |-
+ May contain labels and annotations that will be copied into the PVC
+ when creating it. No other fields are allowed and will be rejected during
+ validation.
+ type: object
+ spec:
+ description: |-
+ The specification for the PersistentVolumeClaim. The entire content is
+ copied unchanged into the PVC that gets created from this
+ template. The same fields as in a PersistentVolumeClaim
+ are also valid here.
+ properties:
+ accessModes:
+ description: |-
+ accessModes contains the desired access modes the volume should have.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
+ items:
+ type: string
+ type: array
+ dataSource:
+ description: |-
+ dataSource field can be used to specify either:
+ * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
+ * An existing PVC (PersistentVolumeClaim)
+ If the provisioner or an external controller can support the specified data source,
+ it will create a new volume based on the contents of the specified data source.
+ When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
+ and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef will not be copied to dataSource.
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of
+ resource being referenced
+ type: string
+ name:
+ description: Name is the name of
+ resource being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ description: |-
+ dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
+ volume is desired. This may be any object from a non-empty API group (non
+ core object) or a PersistentVolumeClaim object.
+ When this field is specified, volume binding will only succeed if the type of
+ the specified object matches some installed volume populator or dynamic
+ provisioner.
+ This field will replace the functionality of the dataSource field and as such
+ if both fields are non-empty, they must have the same value. For backwards
+ compatibility, when namespace isn't specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef) will be set to the same
+ value automatically if one of them is empty and the other is non-empty.
+ When namespace is specified in dataSourceRef,
+ dataSource isn't set to the same value and must be empty.
+ There are three important differences between dataSource and dataSourceRef:
+ * While dataSource only allows two specific types of objects, dataSourceRef
+ allows any non-core object, as well as PersistentVolumeClaim objects.
+ * While dataSource ignores disallowed values (dropping them), dataSourceRef
+ preserves all values, and generates an error if a disallowed value is
+ specified.
+ * While dataSource only allows local objects, dataSourceRef allows objects
+ in any namespaces.
+ (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
+ (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of
+ resource being referenced
+ type: string
+ name:
+ description: Name is the name of
+ resource being referenced
+ type: string
+ namespace:
+ description: |-
+ Namespace is the namespace of resource being referenced
+ Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
+ (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ description: |-
+ resources represents the minimum resources the volume should have.
+ If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
+ that are lower than previous value but must still be higher than capacity recorded in the
+ status field of the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ selector:
+ description: selector is a label query
+ over volumes to consider for binding.
+ properties:
+ matchExpressions:
+ description: matchExpressions is
+ a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label
+ key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ description: |-
+ storageClassName is the name of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+ type: string
+ volumeAttributesClassName:
+ description: |-
+ volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
+ If specified, the CSI driver will create or update the volume with the attributes defined
+ in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
+ it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
+ will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
+ If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
+ will be set by the persistentvolume controller if it exists.
+ If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
+ set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
+ exists.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
+ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+ type: string
+ volumeMode:
+ description: |-
+ volumeMode defines what type of volume is required by the claim.
+ Value of Filesystem is implied when not included in claim spec.
+ type: string
+ volumeName:
+ description: volumeName is the binding
+ reference to the PersistentVolume
+ backing this claim.
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ description: fc represents a Fibre Channel resource
+ that is attached to a kubelet's host machine and
+ then exposed to the pod.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ lun:
+ description: 'lun is Optional: FC target lun
+ number'
+ format: int32
+ type: integer
+ readOnly:
+ description: |-
+ readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ targetWWNs:
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
+ items:
+ type: string
+ type: array
+ wwids:
+ description: |-
+ wwids Optional: FC volume world wide identifiers (wwids)
+ Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ description: |-
+ flexVolume represents a generic volume resource that is
+ provisioned/attached using an exec based plugin.
+ properties:
+ driver:
+ description: driver is the name of the driver
+ to use for this volume.
+ type: string
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ description: 'options is Optional: this field
+ holds extra command options if any.'
+ type: object
+ readOnly:
+ description: |-
+ readOnly is Optional: defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is Optional: secretRef is reference to the secret object containing
+ sensitive information to pass to the plugin scripts. This may be
+ empty if no secret object is specified. If the secret object
+ contains more than one secret, all secrets are passed to the plugin
+ scripts.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - driver
+ type: object
+ flocker:
+ description: flocker represents a Flocker volume
+ attached to a kubelet's host machine. This depends
+ on the Flocker control service being running
+ properties:
+ datasetName:
+ description: |-
+ datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
+ should be considered as deprecated
+ type: string
+ datasetUUID:
+ description: datasetUUID is the UUID of the
+ dataset. This is unique identifier of a Flocker
+ dataset
+ type: string
+ type: object
+ gcePersistentDisk:
+ description: |-
+ gcePersistentDisk represents a GCE Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ properties:
+ fsType:
+ description: |-
+ fsType is filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ partition:
+ description: |-
+ partition is the partition in the volume that you want to mount.
+ If omitted, the default is to mount by volume name.
+ Examples: For volume /dev/sda1, you specify the partition as "1".
+ Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ format: int32
+ type: integer
+ pdName:
+ description: |-
+ pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ description: |-
+ gitRepo represents a git repository at a particular revision.
+ DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
+ EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
+ into the Pod's container.
+ properties:
+ directory:
+ description: |-
+ directory is the target directory name.
+ Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
+ git repository. Otherwise, if specified, the volume will contain the git repository in
+ the subdirectory with the given name.
+ type: string
+ repository:
+ description: repository is the URL
+ type: string
+ revision:
+ description: revision is the commit hash for
+ the specified revision.
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ description: |-
+ glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md
+ properties:
+ endpoints:
+ description: |-
+ endpoints is the endpoint name that details Glusterfs topology.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: string
+ path:
+ description: |-
+ path is the Glusterfs volume path.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
+ Defaults to false.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ description: |-
+ hostPath represents a pre-existing file or directory on the host
+ machine that is directly exposed to the container. This is generally
+ used for system agents or other privileged things that are allowed
+ to see the host machine. Most containers will NOT need this.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ ---
+ TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
+ mount host directories as read/write.
+ properties:
+ path:
+ description: |-
+ path of the directory on the host.
+ If the path is a symlink, it will follow the link to the real path.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ type: string
+ type:
+ description: |-
+ type for HostPath Volume
+ Defaults to ""
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ description: |-
+ iscsi represents an ISCSI Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://examples.k8s.io/volumes/iscsi/README.md
+ properties:
+ chapAuthDiscovery:
+ description: chapAuthDiscovery defines whether
+ support iSCSI Discovery CHAP authentication
+ type: boolean
+ chapAuthSession:
+ description: chapAuthSession defines whether
+ support iSCSI Session CHAP authentication
+ type: boolean
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ initiatorName:
+ description: |-
+ initiatorName is the custom iSCSI Initiator Name.
+ If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
+ : will be created for the connection.
+ type: string
+ iqn:
+ description: iqn is the target iSCSI Qualified
+ Name.
+ type: string
+ iscsiInterface:
+ description: |-
+ iscsiInterface is the interface Name that uses an iSCSI transport.
+ Defaults to 'default' (tcp).
+ type: string
+ lun:
+ description: lun represents iSCSI Target Lun
+ number.
+ format: int32
+ type: integer
+ portals:
+ description: |-
+ portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
+ is other than default (typically TCP ports 860 and 3260).
+ items:
+ type: string
+ type: array
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ type: boolean
+ secretRef:
+ description: secretRef is the CHAP Secret for
+ iSCSI target and initiator authentication
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ targetPortal:
+ description: |-
+ targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
+ is other than default (typically TCP ports 860 and 3260).
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ description: |-
+ name of the volume.
+ Must be a DNS_LABEL and unique within the pod.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ nfs:
+ description: |-
+ nfs represents an NFS mount on the host that shares a pod's lifetime
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ properties:
+ path:
+ description: |-
+ path that is exported by the NFS server.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the NFS export to be mounted with read-only permissions.
+ Defaults to false.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: boolean
+ server:
+ description: |-
+ server is the hostname or IP address of the NFS server.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ description: |-
+ persistentVolumeClaimVolumeSource represents a reference to a
+ PersistentVolumeClaim in the same namespace.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ properties:
+ claimName:
+ description: |-
+ claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ type: string
+ readOnly:
+ description: |-
+ readOnly Will force the ReadOnly setting in VolumeMounts.
+ Default false.
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ description: photonPersistentDisk represents a PhotonController
+ persistent disk attached and mounted on kubelets
+ host machine
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ pdID:
+ description: pdID is the ID that identifies
+ Photon Controller persistent disk
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ description: portworxVolume represents a portworx
+ volume attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: |-
+ fSType represents the filesystem type to mount
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ volumeID:
+ description: volumeID uniquely identifies a
+ Portworx volume
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode are the mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ sources:
+ description: sources is the list of volume projections
+ items:
+ description: Projection that may be projected
+ along with other supported volume types
+ properties:
+ clusterTrustBundle:
+ description: |-
+ ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
+ of ClusterTrustBundle objects in an auto-updating file.
+
+
+ Alpha, gated by the ClusterTrustBundleProjection feature gate.
+
+
+ ClusterTrustBundle objects can either be selected by name, or by the
+ combination of signer name and a label selector.
+
+
+ Kubelet performs aggressive normalization of the PEM contents written
+ into the pod filesystem. Esoteric PEM features such as inter-block
+ comments and block headers are stripped. Certificates are deduplicated.
+ The ordering of certificates within the file is arbitrary, and Kubelet
+ may change the order over time.
+ properties:
+ labelSelector:
+ description: |-
+ Select all ClusterTrustBundles that match this label selector. Only has
+ effect if signerName is set. Mutually-exclusive with name. If unset,
+ interpreted as "match nothing". If set but empty, interpreted as "match
+ everything".
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the
+ label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ name:
+ description: |-
+ Select a single ClusterTrustBundle by object name. Mutually-exclusive
+ with signerName and labelSelector.
+ type: string
+ optional:
+ description: |-
+ If true, don't block pod startup if the referenced ClusterTrustBundle(s)
+ aren't available. If using name, then the named ClusterTrustBundle is
+ allowed not to exist. If using signerName, then the combination of
+ signerName and labelSelector is allowed to match zero
+ ClusterTrustBundles.
+ type: boolean
+ path:
+ description: Relative path from the
+ volume root to write the bundle.
+ type: string
+ signerName:
+ description: |-
+ Select all ClusterTrustBundles that match this signer name.
+ Mutually-exclusive with name. The contents of all selected
+ ClusterTrustBundles will be unified and deduplicated.
+ type: string
+ required:
+ - path
+ type: object
+ configMap:
+ description: configMap information about
+ the configMap data to project
+ properties:
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ ConfigMap will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the ConfigMap,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to
+ a path within a volume.
+ properties:
+ key:
+ description: key is the key
+ to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional specify whether
+ the ConfigMap or its keys must be
+ defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ downwardAPI:
+ description: downwardAPI information about
+ the downwardAPI data to project
+ properties:
+ items:
+ description: Items is a list of DownwardAPIVolume
+ file
+ items:
+ description: DownwardAPIVolumeFile
+ represents information to create
+ the file containing the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects
+ a field of the pod: only annotations,
+ labels, name and namespace
+ are supported.'
+ properties:
+ apiVersion:
+ description: Version of
+ the schema the FieldPath
+ is written in terms of,
+ defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the
+ field to select in the
+ specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ description: |-
+ Optional: mode bits used to set permissions on this file, must be an octal value
+ between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path
+ is the relative path name
+ of the file to be created.
+ Must not be absolute or contain
+ the ''..'' path. Must be utf-8
+ encoded. The first item of
+ the relative path must not
+ start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
+ properties:
+ containerName:
+ description: 'Container
+ name: required for volumes,
+ optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the
+ output format of the exposed
+ resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required:
+ resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ description: secret information about
+ the secret data to project
+ properties:
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ Secret will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the Secret,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to
+ a path within a volume.
+ properties:
+ key:
+ description: key is the key
+ to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional field specify
+ whether the Secret or its key must
+ be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ serviceAccountToken:
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to
+ project
+ properties:
+ audience:
+ description: |-
+ audience is the intended audience of the token. A recipient of a token
+ must identify itself with an identifier specified in the audience of the
+ token, and otherwise should reject the token. The audience defaults to the
+ identifier of the apiserver.
+ type: string
+ expirationSeconds:
+ description: |-
+ expirationSeconds is the requested duration of validity of the service
+ account token. As the token approaches expiration, the kubelet volume
+ plugin will proactively rotate the service account token. The kubelet will
+ start trying to rotate the token if the token is older than 80 percent of
+ its time to live or if the token is older than 24 hours.Defaults to 1 hour
+ and must be at least 10 minutes.
+ format: int64
+ type: integer
+ path:
+ description: |-
+ path is the path relative to the mount point of the file to project the
+ token into.
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ description: quobyte represents a Quobyte mount
+ on the host that shares a pod's lifetime
+ properties:
+ group:
+ description: |-
+ group to map volume access to
+ Default is no group
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the Quobyte volume to be mounted with read-only permissions.
+ Defaults to false.
+ type: boolean
+ registry:
+ description: |-
+ registry represents a single or multiple Quobyte Registry services
+ specified as a string as host:port pair (multiple entries are separated with commas)
+ which acts as the central registry for volumes
+ type: string
+ tenant:
+ description: |-
+ tenant owning the given Quobyte volume in the Backend
+ Used with dynamically provisioned Quobyte volumes, value is set by the plugin
+ type: string
+ user:
+ description: |-
+ user to map volume access to
+ Defaults to serivceaccount user
+ type: string
+ volume:
+ description: volume is a string that references
+ an already created Quobyte volume by name.
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ description: |-
+ rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
+ More info: https://examples.k8s.io/volumes/rbd/README.md
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ image:
+ description: |-
+ image is the rados image name.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ keyring:
+ description: |-
+ keyring is the path to key ring for RBDUser.
+ Default is /etc/ceph/keyring.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ monitors:
+ description: |-
+ monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ items:
+ type: string
+ type: array
+ pool:
+ description: |-
+ pool is the rados pool name.
+ Default is rbd.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is name of the authentication secret for RBDUser. If provided
+ overrides keyring.
+ Default is nil.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ description: |-
+ user is the rados user name.
+ Default is admin.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ description: scaleIO represents a ScaleIO persistent
+ volume attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs".
+ Default is "xfs".
+ type: string
+ gateway:
+ description: gateway is the host address of
+ the ScaleIO API Gateway.
+ type: string
+ protectionDomain:
+ description: protectionDomain is the name of
+ the ScaleIO Protection Domain for the configured
+ storage.
+ type: string
+ readOnly:
+ description: |-
+ readOnly Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef references to the secret for ScaleIO user and other
+ sensitive information. If this is not provided, Login operation will fail.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ sslEnabled:
+ description: sslEnabled Flag enable/disable
+ SSL communication with Gateway, default false
+ type: boolean
+ storageMode:
+ description: |-
+ storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
+ type: string
+ storagePool:
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
+ type: string
+ system:
+ description: system is the name of the storage
+ system as configured in ScaleIO.
+ type: string
+ volumeName:
+ description: |-
+ volumeName is the name of a volume already created in the ScaleIO system
+ that is associated with this volume source.
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ description: |-
+ secret represents a secret that should populate this volume.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode is Optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values
+ for mode bits. Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: |-
+ items If unspecified, each key-value pair in the Data field of the referenced
+ Secret will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the Secret,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ description: optional field specify whether
+ the Secret or its keys must be defined
+ type: boolean
+ secretName:
+ description: |-
+ secretName is the name of the secret in the pod's namespace to use.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
+ type: string
+ type: object
+ storageos:
+ description: storageOS represents a StorageOS volume
+ attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef specifies the secret to use for obtaining the StorageOS API
+ credentials. If not specified, default values will be attempted.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeName:
+ description: |-
+ volumeName is the human-readable name of the StorageOS volume. Volume
+ names are only unique within a namespace.
+ type: string
+ volumeNamespace:
+ description: |-
+ volumeNamespace specifies the scope of the volume within StorageOS. If no
+ namespace is specified then the Pod's namespace will be used. This allows the
+ Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
+ Set VolumeName to any name to override the default behaviour.
+ Set to "default" if you are not using namespaces within StorageOS.
+ Namespaces that do not pre-exist within StorageOS will be created.
+ type: string
+ type: object
+ vsphereVolume:
+ description: vsphereVolume represents a vSphere
+ volume attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: |-
+ fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ storagePolicyID:
+ description: storagePolicyID is the storage
+ Policy Based Management (SPBM) profile ID
+ associated with the StoragePolicyName.
+ type: string
+ storagePolicyName:
+ description: storagePolicyName is the storage
+ Policy Based Management (SPBM) profile name.
+ type: string
+ volumePath:
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - containers
+ type: object
+ type: object
+ traits:
+ description: the traits needed to run this Integration
+ properties:
+ 3scale:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ addons:
+ additionalProperties:
+ description: AddonTrait represents the configuration of
+ an addon trait.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ description: The extension point with addon traits
+ type: object
+ affinity:
+ description: The configuration of Affinity trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ nodeAffinityLabels:
+ description: Defines a set of nodes the integration pod(s)
+ are eligible to be scheduled on, based on labels on
+ the node.
+ items:
+ type: string
+ type: array
+ podAffinity:
+ description: Always co-locates multiple replicas of the
+ integration in the same node (default `false`).
+ type: boolean
+ podAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should be co-located with.
+ items:
+ type: string
+ type: array
+ podAntiAffinity:
+ description: Never co-locates multiple replicas of the
+ integration in the same node (default `false`).
+ type: boolean
+ podAntiAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should not be co-located with.
+ items:
+ type: string
+ type: array
+ type: object
+ builder:
+ description: The configuration of Builder trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: When using `pod` strategy, annotation to
+ use for the builder pod.
+ type: object
+ baseImage:
+ description: |-
+ Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
+ installed and ready to use on path (ie `/usr/bin/java`).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ incrementalImageBuild:
+ description: Use the incremental image build option, to
+ reuse existing containers (default `true`)
+ type: boolean
+ limitCPU:
+ description: |-
+ When using `pod` strategy, the maximum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ limitMemory:
+ description: |-
+ When using `pod` strategy, the maximum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ mavenProfiles:
+ description: |-
+ A list of references pointing to configmaps/secrets that contains a maven profile.
+ This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
+ The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
+ items:
+ type: string
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: Defines a set of nodes the builder pod is
+ eligible to be scheduled on, based on labels on the
+ node.
+ type: object
+ orderStrategy:
+ description: The build order strategy to use, either `dependencies`,
+ `fifo` or `sequential` (default is the platform default)
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of manifest platforms to use to
+ build a container image (default `linux/amd64`).
+ items:
+ type: string
+ type: array
+ properties:
+ description: A list of properties to be provided to the
+ build task
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: |-
+ When using `pod` strategy, the minimum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ requestMemory:
+ description: |-
+ When using `pod` strategy, the minimum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ strategy:
+ description: The strategy to use, either `pod` or `routine`
+ (default `routine`)
+ enum:
+ - pod
+ - routine
+ type: string
+ tasks:
+ description: A list of tasks to be executed (available
+ only when using `pod` strategy) with format `;;`.
+ items:
+ type: string
+ type: array
+ tasksFilter:
+ description: |-
+ A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
+ Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
+ if you need to execute them. Useful only with `pod` strategy.
+ type: string
+ tasksLimitCPU:
+ description: A list of limit cpu configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksLimitMemory:
+ description: A list of limit memory configuration for
+ the specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestCPU:
+ description: A list of request cpu configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestMemory:
+ description: A list of request memory configuration for
+ the specific task with format `:`.
+ items:
+ type: string
+ type: array
+ verbose:
+ description: |-
+ Enable verbose logging on build components that support it (e.g. Kaniko build pod).
+ Deprecated no longer in use
+ type: boolean
+ type: object
+ camel:
+ description: The configuration of Camel trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ properties:
+ description: A list of properties to be provided to the
+ Integration runtime
+ items:
+ type: string
+ type: array
+ runtimeVersion:
+ description: |-
+ The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
+ You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
+ to the best matching Catalog existing on the cluster.
+ type: string
+ type: object
+ container:
+ description: The configuration of Container trait
+ properties:
+ allowPrivilegeEscalation:
+ description: Security Context AllowPrivilegeEscalation
+ configuration (default false).
+ type: boolean
+ auto:
+ description: To automatically enable the trait
+ type: boolean
+ capabilitiesAdd:
+ description: Security Context Capabilities Add configuration
+ (default none).
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ capabilitiesDrop:
+ description: Security Context Capabilities Drop configuration
+ (default ALL).
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ expose:
+ description: Can be used to enable/disable exposure via
+ kubernetes Service.
+ type: boolean
+ image:
+ description: |-
+ The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
+ won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
+ Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
+ type: string
+ imagePullPolicy:
+ description: 'The pull policy: Always|Never|IfNotPresent'
+ enum:
+ - Always
+ - Never
+ - IfNotPresent
+ type: string
+ limitCPU:
+ description: The maximum amount of CPU to be provided
+ (default 500 millicores).
+ type: string
+ limitMemory:
+ description: The maximum amount of memory to be provided
+ (default 512 Mi).
+ type: string
+ name:
+ description: The main container name. It's named `integration`
+ by default.
+ type: string
+ port:
+ description: To configure a different port exposed by
+ the container (default `8080`).
+ type: integer
+ portName:
+ description: To configure a different port name for the
+ port exposed by the container. It defaults to `http`
+ only when the `expose` parameter is true.
+ type: string
+ requestCPU:
+ description: The minimum amount of CPU required (default
+ 125 millicores).
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required (default
+ 128 Mi).
+ type: string
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration
+ (default false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration
+ (default none): this value is automatically retrieved
+ in Openshift clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ servicePort:
+ description: To configure under which service port the
+ container port is to be exposed (default `80`).
+ type: integer
+ servicePortName:
+ description: To configure under which service port name
+ the container port is to be exposed (default `http`).
+ type: string
+ type: object
+ cron:
+ description: The configuration of Cron trait
+ properties:
+ activeDeadlineSeconds:
+ description: |-
+ Specifies the duration in seconds, relative to the start time, that the job
+ may be continuously active before it is considered to be failed.
+ It defaults to 60s.
+ format: int64
+ type: integer
+ auto:
+ description: |-
+ Automatically deploy the integration as CronJob when all routes are
+ either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
+
+
+ It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
+ while `35m` or `50s` cannot).
+ type: boolean
+ backoffLimit:
+ description: |-
+ Specifies the number of retries before marking the job failed.
+ It defaults to 2.
+ format: int32
+ type: integer
+ components:
+ description: |-
+ A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
+ A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
+ activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
+
+
+ Supported components are currently: `cron`, `timer` and `quartz`.
+ type: string
+ concurrencyPolicy:
+ description: |-
+ Specifies how to treat concurrent executions of a Job.
+ Valid values are:
+ - "Allow": allows CronJobs to run concurrently;
+ - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
+ - "Replace": cancels currently running job and replaces it with a new one
+ enum:
+ - Allow
+ - Forbid
+ - Replace
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ fallback:
+ description: |-
+ Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
+ as Kubernetes CronJob.
+ type: boolean
+ schedule:
+ description: |-
+ The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
+ mechanism to work correctly.
+ type: string
+ startingDeadlineSeconds:
+ description: |-
+ Optional deadline in seconds for starting the job if it misses scheduled
+ time for any reason. Missed jobs executions will be counted as failed ones.
+ format: int64
+ type: integer
+ timeZone:
+ description: The timezone that the CronJob will run on
+ type: string
+ type: object
+ dependencies:
+ description: The configuration of Dependencies trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ deployer:
+ description: The configuration of Deployer trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ kind:
+ description: Allows to explicitly select the desired deployment
+ kind between `deployment`, `cron-job` or `knative-service`
+ when creating the resources for running the integration.
+ enum:
+ - deployment
+ - cron-job
+ - knative-service
+ type: string
+ useSSA:
+ description: |-
+ Use server-side apply to update the owned resources (default `true`).
+ Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
+ type: boolean
+ type: object
+ deployment:
+ description: The configuration of Deployment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ progressDeadlineSeconds:
+ description: |-
+ The maximum time in seconds for the deployment to make progress before it
+ is considered to be failed. It defaults to `60s`.
+ format: int32
+ type: integer
+ rollingUpdateMaxSurge:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be scheduled above the desired number of
+ pods.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ This can not be 0 if MaxUnavailable is 0.
+ Absolute number is calculated from percentage by rounding up.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ rollingUpdateMaxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be unavailable during the update.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ Absolute number is calculated from percentage by rounding down.
+ This can not be 0 if MaxSurge is 0.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ strategy:
+ description: The deployment strategy to use to replace
+ existing pods with new ones.
+ enum:
+ - Recreate
+ - RollingUpdate
+ type: string
+ type: object
+ environment:
+ description: The configuration of Environment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ containerMeta:
+ description: Enables injection of `NAMESPACE` and `POD_NAME`
+ environment variables (default `true`)
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ httpProxy:
+ description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY`
+ and `NO_PROXY` environment variables (default `true`)
+ type: boolean
+ vars:
+ description: |-
+ A list of environment variables to be added to the integration container.
+ The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
+ These take precedence over the previously defined environment variables.
+ items:
+ type: string
+ type: array
+ type: object
+ error-handler:
+ description: The configuration of Error Handler trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ ref:
+ description: The error handler ref name provided or found
+ in application properties
+ type: string
+ type: object
+ gc:
+ description: The configuration of GC trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryCache:
+ description: |-
+ Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
+ Deprecated: to be removed from trait configuration.
+ enum:
+ - disabled
+ - disk
+ - memory
+ type: string
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ type: object
+ health:
+ description: The configuration of Health trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ livenessFailureThreshold:
+ description: Minimum consecutive failures for the liveness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ livenessInitialDelay:
+ description: Number of seconds after the container has
+ started before the liveness probe is initiated.
+ format: int32
+ type: integer
+ livenessPeriod:
+ description: How often to perform the liveness probe.
+ format: int32
+ type: integer
+ livenessProbe:
+ description: The liveness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ livenessProbeEnabled:
+ description: Configures the liveness probe for the integration
+ container (default `false`).
+ type: boolean
+ livenessScheme:
+ description: Scheme to use when connecting to the liveness
+ probe (default `HTTP`).
+ type: string
+ livenessSuccessThreshold:
+ description: Minimum consecutive successes for the liveness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ livenessTimeout:
+ description: Number of seconds after which the liveness
+ probe times out.
+ format: int32
+ type: integer
+ readinessFailureThreshold:
+ description: Minimum consecutive failures for the readiness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ readinessInitialDelay:
+ description: Number of seconds after the container has
+ started before the readiness probe is initiated.
+ format: int32
+ type: integer
+ readinessPeriod:
+ description: How often to perform the readiness probe.
+ format: int32
+ type: integer
+ readinessProbe:
+ description: The readiness probe path to use (default
+ provided by the Catalog runtime used).
+ type: string
+ readinessProbeEnabled:
+ description: Configures the readiness probe for the integration
+ container (default `true`).
+ type: boolean
+ readinessScheme:
+ description: Scheme to use when connecting to the readiness
+ probe (default `HTTP`).
+ type: string
+ readinessSuccessThreshold:
+ description: Minimum consecutive successes for the readiness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ readinessTimeout:
+ description: Number of seconds after which the readiness
+ probe times out.
+ format: int32
+ type: integer
+ startupFailureThreshold:
+ description: Minimum consecutive failures for the startup
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ startupInitialDelay:
+ description: Number of seconds after the container has
+ started before the startup probe is initiated.
+ format: int32
+ type: integer
+ startupPeriod:
+ description: How often to perform the startup probe.
+ format: int32
+ type: integer
+ startupProbe:
+ description: The startup probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ startupProbeEnabled:
+ description: Configures the startup probe for the integration
+ container (default `false`).
+ type: boolean
+ startupScheme:
+ description: Scheme to use when connecting to the startup
+ probe (default `HTTP`).
+ type: string
+ startupSuccessThreshold:
+ description: Minimum consecutive successes for the startup
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ startupTimeout:
+ description: Number of seconds after which the startup
+ probe times out.
+ format: int32
+ type: integer
+ type: object
+ ingress:
+ description: The configuration of Ingress trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to the ingress.
+ This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
+ See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ type: object
+ auto:
+ description: To automatically add an ingress whenever
+ the integration uses an HTTP endpoint consumer.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the ingress.
+ type: string
+ path:
+ description: To configure the path exposed by the ingress
+ (default `/`).
+ type: string
+ pathType:
+ description: |-
+ To configure the path type exposed by the ingress.
+ One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
+ enum:
+ - Exact
+ - Prefix
+ - ImplementationSpecific
+ type: string
+ tlsHosts:
+ description: To configure tls hosts
+ items:
+ type: string
+ type: array
+ tlsSecretName:
+ description: To configure tls secret name
+ type: string
+ type: object
+ istio:
+ description: The configuration of Istio trait
+ properties:
+ allow:
+ description: Configures a (comma-separated) list of CIDR
+ subnets that should not be intercepted by the Istio
+ proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by
+ default).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ inject:
+ description: Forces the value for labels `sidecar.istio.io/inject`.
+ By default the label is set to `true` on deployment
+ and not set on Knative Service.
+ type: boolean
+ type: object
+ jolokia:
+ description: The configuration of Jolokia trait
+ properties:
+ CACert:
+ description: |-
+ The PEM encoded CA certification file path, used to verify client certificates,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
+ type: string
+ clientPrincipal:
+ description: |-
+ The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryEnabled:
+ description: Listen for multicast requests (default `false`)
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ extendedClientCheck:
+ description: |-
+ Mandate the client certificate contains a client flag in the extended key usage section,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `true` for OpenShift).
+ type: boolean
+ host:
+ description: |-
+ The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
+ the servers binds to every network interface (default `"*"`).
+ type: string
+ options:
+ description: |-
+ A list of additional Jolokia options as defined
+ in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
+ items:
+ type: string
+ type: array
+ password:
+ description: The password used for authentication, applicable
+ when the `user` option is set.
+ type: string
+ port:
+ description: The Jolokia endpoint port (default `8778`).
+ type: integer
+ protocol:
+ description: The protocol to use, either `http` or `https`
+ (default `https` for OpenShift)
+ type: string
+ useSSLClientAuthentication:
+ description: Whether client certificates should be used
+ for authentication (default `true` for OpenShift).
+ type: boolean
+ user:
+ description: The user to be used for authentication
+ type: string
+ type: object
+ jvm:
+ description: The configuration of JVM trait
+ properties:
+ classpath:
+ description: Additional JVM classpath (use `Linux` classpath
+ separator)
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ debug:
+ description: Activates remote debugging, so that a debugger
+ can be attached to the JVM, e.g., using port-forwarding
+ type: boolean
+ debugAddress:
+ description: Transport address at which to listen for
+ the newly launched JVM (default `*:5005`)
+ type: string
+ debugSuspend:
+ description: Suspends the target JVM immediately before
+ the main class is loaded
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ jar:
+ description: The Jar dependency which will run the application.
+ Leave it empty for managed Integrations.
+ type: string
+ options:
+ description: A list of JVM options
+ items:
+ type: string
+ type: array
+ printCommand:
+ description: |-
+ Prints the command used the start the JVM in the container logs (default `true`)
+ Deprecated: no longer in use.
+ type: boolean
+ type: object
+ kamelets:
+ description: The configuration of Kamelets trait
+ properties:
+ auto:
+ description: Automatically inject all referenced Kamelets
+ and their default configuration (enabled by default)
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ list:
+ description: Comma separated list of Kamelet names to
+ load into the current integration
+ type: string
+ mountPoint:
+ description: The directory where the application mounts
+ and reads Kamelet spec (default `/etc/camel/kamelets`)
+ type: string
+ type: object
+ keda:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ knative:
+ description: The configuration of Knative trait
+ properties:
+ auto:
+ description: Enable automatic discovery of all trait properties.
+ type: boolean
+ channelSinks:
+ description: |-
+ List of channels used as destination of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ channelSources:
+ description: |-
+ List of channels used as source of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ config:
+ description: Can be used to inject a Knative complete
+ configuration in JSON format.
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ endpointSinks:
+ description: |-
+ List of endpoints used as destination of integration routes.
+ Can contain simple endpoint names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ endpointSources:
+ description: List of channels used as source of integration
+ routes.
+ items:
+ type: string
+ type: array
+ eventSinks:
+ description: |-
+ List of event types that the integration will produce.
+ Can contain simple event types or full Camel URIs (to use a specific broker).
+ items:
+ type: string
+ type: array
+ eventSources:
+ description: |-
+ List of event types that the integration will be subscribed to.
+ Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
+ items:
+ type: string
+ type: array
+ filterEventType:
+ description: |-
+ Enables the default filtering for the Knative trigger using the event type
+ If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
+ type: boolean
+ filterSourceChannels:
+ description: |-
+ Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
+ Knative, filtering is disabled by default.
+ type: boolean
+ filters:
+ description: |-
+ Sets filter attributes on the event stream (such as event type, source, subject and so on).
+ A list of key-value pairs that represent filter attributes and its values.
+ The syntax is KEY=VALUE, e.g., `source="my.source"`.
+ Filter attributes get set on the Knative trigger that is being created as part of this integration.
+ items:
+ type: string
+ type: array
+ namespaceLabel:
+ description: |-
+ Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
+ As Knative requires this label to perform injection of K_SINK URL into the service.
+ If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
+ type: boolean
+ sinkBinding:
+ description: |-
+ Allows binding the integration to a sink via a Knative SinkBinding resource.
+ This can be used when the integration targets a single sink.
+ It's enabled by default when the integration targets a single sink
+ (except when the integration is owned by a Knative source).
+ type: boolean
+ type: object
+ knative-service:
+ description: The configuration of Knative Service trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set knative service specific annotations
+ CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ auto:
+ description: |-
+ Automatically deploy the integration as Knative service when all conditions hold:
+
+
+ * Integration is using the Knative profile
+ * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
+ type: boolean
+ autoscalingMetric:
+ description: |-
+ Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ type: string
+ autoscalingTarget:
+ description: |-
+ Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ class:
+ description: |-
+ Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - kpa.autoscaling.knative.dev
+ - hpa.autoscaling.knative.dev
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ maxScale:
+ description: |-
+ An upper bound for the number of Pods that can be running in parallel for the integration.
+ Knative has its own cap value that depends on the installation.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ minScale:
+ description: |-
+ The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
+ the integration is scaled down to zero when not used for a configured amount of time.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ rolloutDuration:
+ description: |-
+ Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
+ It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
+ rounded to a second precision.
+ type: string
+ timeoutSeconds:
+ description: |-
+ The maximum duration in seconds that the request instance is allowed to respond to a request.
+ This field propagates to the integration pod's terminationGracePeriodSeconds
+
+
+ Refer to the Knative documentation for more information.
+ format: int64
+ type: integer
+ visibility:
+ description: |-
+ Setting `cluster-local`, Knative service becomes a private service.
+ Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - cluster-local
+ type: string
+ type: object
+ logging:
+ description: The configuration of Logging trait
+ properties:
+ color:
+ description: Colorize the log output
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ format:
+ description: Logs message format
+ type: string
+ json:
+ description: Output the logs in JSON
+ type: boolean
+ jsonPrettyPrint:
+ description: Enable "pretty printing" of the JSON logs
+ type: boolean
+ level:
+ description: Adjust the logging level (defaults to `INFO`)
+ enum:
+ - FATAL
+ - WARN
+ - INFO
+ - DEBUG
+ - TRACE
+ type: string
+ type: object
+ master:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ mount:
+ description: The configuration of Mount trait
+ properties:
+ configs:
+ description: |-
+ A list of configuration pointing to configmap/secret.
+ The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
+ They are also made available on the classpath in order to ease their usage directly from the Route.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ emptyDirs:
+ description: 'A list of EmptyDir volumes to be mounted.
+ Syntax: [name:/container/path]'
+ items:
+ type: string
+ type: array
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ hotReload:
+ description: |-
+ Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
+ marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
+ changes in metadata.
+ type: boolean
+ resources:
+ description: |-
+ A list of resources (text or binary content) pointing to configmap/secret.
+ The resources are expected to be any resource type (text or binary content).
+ The destination path can be either a default location or any path specified by the user.
+ Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
+ items:
+ type: string
+ type: array
+ scanKameletsImplicitLabelSecrets:
+ description: |-
+ Deprecated: include your properties in an explicit property file backed by a secret.
+ Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
+ These secrets are mounted to the application and treated as plain properties file with their key/value list
+ (ie .spec.data["camel.my-property"] = my-value) (default `true`).
+ type: boolean
+ volumes:
+ description: 'A list of Persistent Volume Claims to be
+ mounted. Syntax: [pvcname:/container/path]'
+ items:
+ type: string
+ type: array
+ type: object
+ openapi:
+ description: The configuration of OpenAPI trait
+ properties:
+ configmaps:
+ description: The configmaps holding the spec of the OpenAPI
+ (compatible with > 3.0 spec only).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ owner:
+ description: The configuration of Owner trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ targetAnnotations:
+ description: The set of annotations to be transferred
+ items:
+ type: string
+ type: array
+ targetLabels:
+ description: The set of labels to be transferred
+ items:
+ type: string
+ type: array
+ type: object
+ pdb:
+ description: The configuration of PDB trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ maxUnavailable:
+ description: |-
+ The number of pods for the Integration that can be unavailable after an eviction.
+ It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
+ Only one of `max-unavailable` and `min-available` can be specified.
+ type: string
+ minAvailable:
+ description: |-
+ The number of pods for the Integration that must still be available after an eviction.
+ It can be either an absolute number or a percentage.
+ Only one of `min-available` and `max-unavailable` can be specified.
+ type: string
+ type: object
+ platform:
+ description: The configuration of Platform trait
+ properties:
+ auto:
+ description: |-
+ To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ createDefault:
+ description: |-
+ To create a default (empty) platform when the platform is missing.
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ global:
+ description: |-
+ Indicates if the platform should be created globally in the case of global operator (default true).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ type: object
+ pod:
+ description: The configuration of Pod trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ type: object
+ prometheus:
+ description: The configuration of Prometheus trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ podMonitor:
+ description: Whether a `PodMonitor` resource is created
+ (default `true`).
+ type: boolean
+ podMonitorLabels:
+ description: The `PodMonitor` resource labels, applicable
+ when `pod-monitor` is `true`.
+ items:
+ type: string
+ type: array
+ type: object
+ pull-secret:
+ description: The configuration of Pull Secret trait
+ properties:
+ auto:
+ description: Automatically configures the platform registry
+ secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ imagePullerDelegation:
+ description: When using a global operator with a shared
+ platform, this enables delegation of the `system:image-puller`
+ cluster role on the operator namespace to the integration
+ service account.
+ type: boolean
+ secretName:
+ description: The pull secret name to set on the Pod. If
+ left empty this is automatically taken from the `IntegrationPlatform`
+ registry configuration.
+ type: string
+ type: object
+ quarkus:
+ description: The configuration of Quarkus trait
+ properties:
+ buildMode:
+ description: |-
+ The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
+ In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
+ with the `native` kit having precedence over the `jvm` one once ready.
+ items:
+ description: QuarkusMode is the type of Quarkus build
+ packaging.
+ enum:
+ - jvm
+ - native
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ nativeBaseImage:
+ description: The base image to use when running a native
+ build (default `quay.io/quarkus/quarkus-micro-image:2.0`)
+ type: string
+ nativeBuilderImage:
+ description: The image containing the tooling required
+ for a native build (by default it will use the one provided
+ in the runtime catalog)
+ type: string
+ packageTypes:
+ description: |-
+ The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
+ In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
+ with the native kit having precedence over the `fast-jar` one once ready.
+ The order influences the resolution of the current kit for the integration.
+ The kit corresponding to the first package type will be assigned to the
+ integration in case no existing kit that matches the integration exists.
+ Deprecated: use `build-mode` instead.
+ items:
+ description: |-
+ QuarkusPackageType is the type of Quarkus build packaging.
+ Deprecated: use `QuarkusMode` instead.
+ enum:
+ - fast-jar
+ - native
+ type: string
+ type: array
+ type: object
+ registry:
+ description: |-
+ The configuration of Registry trait (support removed since version 2.5.0).
+ Deprecated: use jvm trait or read documentation.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ type: object
+ route:
+ description: The configuration of Route trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set route specific annotations
+ For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
+ CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the route.
+ type: string
+ tlsCACertificate:
+ description: |-
+ The TLS CA certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCACertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificate:
+ description: |-
+ The TLS certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificate:
+ description: |-
+ The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
+ termination this file should be provided in order to have routers use it for health checks on the secure connection.
+ If this field is not specified, the router may provide its own destination CA and perform hostname validation using
+ the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
+ verify.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificateSecret:
+ description: |-
+ The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsInsecureEdgeTerminationPolicy:
+ description: |-
+ To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - None
+ - Allow
+ - Redirect
+ type: string
+ tlsKey:
+ description: |-
+ The TLS certificate key contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsKeySecret:
+ description: |-
+ The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsTermination:
+ description: |-
+ The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - edge
+ - reencrypt
+ - passthrough
+ type: string
+ type: object
+ security-context:
+ description: The configuration of Security Context trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration
+ (default false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration
+ (default none): this value is automatically retrieved
+ in Openshift clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ type: object
+ service:
+ description: The configuration of Service trait
+ properties:
+ auto:
+ description: To automatically detect from the code if
+ a Service needs to be created.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ nodePort:
+ description: |-
+ Enable Service to be exposed as NodePort (default `false`).
+ Deprecated: Use service type instead.
+ type: boolean
+ type:
+ description: The type of service to be used, either 'ClusterIP',
+ 'NodePort' or 'LoadBalancer'.
+ enum:
+ - ClusterIP
+ - NodePort
+ - LoadBalancer
+ type: string
+ type: object
+ service-binding:
+ description: The configuration of Service Binding trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ services:
+ description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
+ items:
+ type: string
+ type: array
+ type: object
+ strimzi:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ toleration:
+ description: The configuration of Toleration trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ taints:
+ description: The list of taints to tolerate, in the form
+ `Key[=Value]:Effect[:Seconds]`
+ items:
+ type: string
+ type: array
+ type: object
+ tracing:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ replicas:
+ description: Replicas is the number of desired replicas for the binding
+ format: int32
+ type: integer
+ serviceAccountName:
+ description: Custom SA to use for the binding
+ type: string
+ sink:
+ description: Sink is the destination of the integration defined by
+ this binding
+ properties:
+ dataTypes:
+ additionalProperties:
+ description: DataTypeReference references to the specification
+ of a data type by its scheme and format name.
+ properties:
+ format:
+ description: the data type format name
+ type: string
+ scheme:
+ description: the data type component scheme
+ type: string
+ type: object
+ description: DataTypes defines the data type of the data produced/consumed
+ by the endpoint and references a given data type specification.
+ type: object
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ types:
+ additionalProperties:
+ description: |-
+ EventTypeSpec represents a specification for an event type.
+ Deprecated: In favor of using DataTypeSpec.
+ properties:
+ mediaType:
+ description: media type as expected for HTTP media types
+ (ie, application/json)
+ type: string
+ schema:
+ description: the expected schema for the event
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing
+ an external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined
+ object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended
+ properties that trigger a custom behavior in
+ external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ description: |-
+ Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.
+ Deprecated: In favor of using DataTypes
+ type: object
+ uri:
+ description: URI can be used to specify the (Camel) endpoint explicitly
+ type: string
+ type: object
+ source:
+ description: Source is the starting point of the integration defined
+ by this binding
+ properties:
+ dataTypes:
+ additionalProperties:
+ description: DataTypeReference references to the specification
+ of a data type by its scheme and format name.
+ properties:
+ format:
+ description: the data type format name
+ type: string
+ scheme:
+ description: the data type component scheme
+ type: string
+ type: object
+ description: DataTypes defines the data type of the data produced/consumed
+ by the endpoint and references a given data type specification.
+ type: object
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ types:
+ additionalProperties:
+ description: |-
+ EventTypeSpec represents a specification for an event type.
+ Deprecated: In favor of using DataTypeSpec.
+ properties:
+ mediaType:
+ description: media type as expected for HTTP media types
+ (ie, application/json)
+ type: string
+ schema:
+ description: the expected schema for the event
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing
+ an external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined
+ object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended
+ properties that trigger a custom behavior in
+ external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ description: |-
+ Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.
+ Deprecated: In favor of using DataTypes
+ type: object
+ uri:
+ description: URI can be used to specify the (Camel) endpoint explicitly
+ type: string
+ type: object
+ steps:
+ description: Steps contains an optional list of intermediate steps
+ that are executed between the Source and the Sink
+ items:
+ description: Endpoint represents a source/sink external entity (could
+ be any Kubernetes resource or Camel URI).
+ properties:
+ dataTypes:
+ additionalProperties:
+ description: DataTypeReference references to the specification
+ of a data type by its scheme and format name.
+ properties:
+ format:
+ description: the data type format name
+ type: string
+ scheme:
+ description: the data type component scheme
+ type: string
+ type: object
+ description: DataTypes defines the data type of the data produced/consumed
+ by the endpoint and references a given data type specification.
+ type: object
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ types:
+ additionalProperties:
+ description: |-
+ EventTypeSpec represents a specification for an event type.
+ Deprecated: In favor of using DataTypeSpec.
+ properties:
+ mediaType:
+ description: media type as expected for HTTP media types
+ (ie, application/json)
+ type: string
+ schema:
+ description: the expected schema for the event
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing
+ an external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for
+ undefined object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended
+ properties that trigger a custom behavior
+ in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ description: |-
+ Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.
+ Deprecated: In favor of using DataTypes
+ type: object
+ uri:
+ description: URI can be used to specify the (Camel) endpoint
+ explicitly
+ type: string
+ type: object
+ type: array
+ type: object
+ status:
+ description: the status of a KameletBinding
+ properties:
+ conditions:
+ description: Conditions --
+ items:
+ description: KameletBindingCondition describes the state of a resource
+ at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ pods:
+ description: Pods collect health and conditions information
+ from the owned PODs
+ items:
+ properties:
+ condition:
+ description: PodCondition contains details for the current
+ condition of this pod.
+ properties:
+ lastProbeTime:
+ description: Last time we probed the condition.
+ format: date-time
+ type: string
+ lastTransitionTime:
+ description: Last time the condition transitioned
+ from one status to another.
+ format: date-time
+ type: string
+ message:
+ description: Human-readable message indicating details
+ about last transition.
+ type: string
+ reason:
+ description: Unique, one-word, CamelCase reason for
+ the condition's last transition.
+ type: string
+ status:
+ description: |-
+ Status is the status of the condition.
+ Can be True, False, Unknown.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ type: string
+ type:
+ description: |-
+ Type is the type of the condition.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ health:
+ items:
+ properties:
+ data:
+ description: |-
+ RawMessage is a raw encoded JSON value.
+ It implements Marshaler and Unmarshaler and can
+ be used to delay JSON decoding or precompute a JSON encoding.
+ x-kubernetes-preserve-unknown-fields: true
+ name:
+ type: string
+ status:
+ type: string
+ type: object
+ type: array
+ name:
+ type: string
+ required:
+ - condition
+ type: object
+ type: array
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of kameletBinding condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this KameletBinding.
+ format: int64
+ type: integer
+ phase:
+ description: Phase --
+ type: string
+ replicas:
+ description: Replicas is the number of actual replicas of the binding
+ format: int32
+ type: integer
+ selector:
+ description: Selector allows to identify pods belonging to the binding
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ scale:
+ labelSelectorPath: .status.selector
+ specReplicasPath: .spec.replicas
+ statusReplicasPath: .status.replicas
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: kamelets.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: Kamelet
+ listKind: KameletList
+ plural: kamelets
+ shortNames:
+ - kl
+ singular: kamelet
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The Kamelet phase
+ jsonPath: .status.phase
+ name: Type
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Kamelet is the Schema for the kamelets API.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: the desired specification
+ properties:
+ dataTypes:
+ additionalProperties:
+ description: DataTypesSpec represents the specification for a set
+ of data types.
+ properties:
+ default:
+ description: the default data type for this Kamelet
+ type: string
+ headers:
+ additionalProperties:
+ description: HeaderSpec represents the specification for a
+ header used in the Kamelet.
+ properties:
+ default:
+ type: string
+ description:
+ type: string
+ required:
+ type: boolean
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ description: one to many header specifications
+ type: object
+ types:
+ additionalProperties:
+ description: DataTypeSpec represents the specification for
+ a data type.
+ properties:
+ dependencies:
+ description: the list of Camel or Maven dependencies required
+ by the data type
+ items:
+ type: string
+ type: array
+ description:
+ description: optional description
+ type: string
+ format:
+ description: the data type format name
+ type: string
+ headers:
+ additionalProperties:
+ description: HeaderSpec represents the specification
+ for a header used in the Kamelet.
+ properties:
+ default:
+ type: string
+ description:
+ type: string
+ required:
+ type: boolean
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ description: one to many header specifications
+ type: object
+ mediaType:
+ description: media type as expected for HTTP media types
+ (ie, application/json)
+ type: string
+ schema:
+ description: the expected schema for the data type
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing
+ an external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for
+ undefined object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended
+ properties that trigger a custom behavior
+ in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ scheme:
+ description: the data type component scheme
+ type: string
+ type: object
+ description: one to many data type specifications
+ type: object
+ type: object
+ description: data specification types for the events consumed/produced
+ by the Kamelet
+ type: object
+ definition:
+ description: defines the formal configuration of the Kamelet
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing an external
+ resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined object
+ fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended properties
+ that trigger a custom behavior in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ dependencies:
+ description: Camel dependencies needed by the Kamelet
+ items:
+ type: string
+ type: array
+ sources:
+ description: sources in any Camel DSL supported
+ items:
+ description: SourceSpec defines the configuration for one or more
+ routes to be executed in a certain Camel DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64 encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel DSL) used
+ to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the source (e.g.
+ if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by this
+ object
+ type: string
+ type: object
+ type: array
+ template:
+ description: the main source in YAML DSL
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ types:
+ additionalProperties:
+ description: |-
+ EventTypeSpec represents a specification for an event type.
+ Deprecated: In favor of using DataTypeSpec.
+ properties:
+ mediaType:
+ description: media type as expected for HTTP media types (ie,
+ application/json)
+ type: string
+ schema:
+ description: the expected schema for the event
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing an
+ external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined
+ object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended properties
+ that trigger a custom behavior in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ description: |-
+ data specification types for the events consumed/produced by the Kamelet
+ Deprecated: In favor of using DataTypes
+ type: object
+ type: object
+ status:
+ default:
+ phase: Ready
+ description: |-
+ the actual status of the resource
+ Deprecated no longer in use
+ properties:
+ conditions:
+ description: Conditions --
+ items:
+ description: KameletCondition describes the state of a resource
+ at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of kamelet condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this Kamelet.
+ format: int64
+ type: integer
+ phase:
+ description: Phase --
+ type: string
+ properties:
+ description: Properties --
+ items:
+ description: KameletProperty specify the behavior of a property
+ in a Kamelet.
+ properties:
+ default:
+ description: the default value of the property (if any)
+ type: string
+ name:
+ description: the name of the property
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ - additionalPrinterColumns:
+ - description: The Kamelet phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ deprecated: true
+ deprecationWarning: v1apha1.Kamelet is deprecated, please, use v1.Kamelet instead
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: Kamelet is the Schema for the kamelets API.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: the desired specification.
+ properties:
+ dataTypes:
+ additionalProperties:
+ description: DataTypesSpec represents the specification for a set
+ of data types.
+ properties:
+ default:
+ description: the default data type for this Kamelet
+ type: string
+ headers:
+ additionalProperties:
+ description: HeaderSpec represents the specification for a
+ header used in the Kamelet.
+ properties:
+ default:
+ type: string
+ description:
+ type: string
+ required:
+ type: boolean
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ description: one to many header specifications
+ type: object
+ types:
+ additionalProperties:
+ description: DataTypeSpec represents the specification for
+ a data type.
+ properties:
+ dependencies:
+ description: the list of Camel or Maven dependencies required
+ by the data type
+ items:
+ type: string
+ type: array
+ description:
+ description: optional description
+ type: string
+ format:
+ description: the data type format name
+ type: string
+ headers:
+ additionalProperties:
+ description: HeaderSpec represents the specification
+ for a header used in the Kamelet.
+ properties:
+ default:
+ type: string
+ description:
+ type: string
+ required:
+ type: boolean
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ description: one to many header specifications
+ type: object
+ mediaType:
+ description: media type as expected for HTTP media types
+ (ie, application/json)
+ type: string
+ schema:
+ description: the expected schema for the data type
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing
+ an external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for
+ undefined object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number
+ literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended
+ properties that trigger a custom behavior
+ in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ scheme:
+ description: the data type component scheme
+ type: string
+ type: object
+ description: one to many data type specifications
+ type: object
+ type: object
+ description: data specification types for the events consumed/produced
+ by the Kamelet
+ type: object
+ definition:
+ description: defines the formal configuration of the Kamelet
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing an external
+ resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined object
+ fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended properties
+ that trigger a custom behavior in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ dependencies:
+ description: Camel dependencies needed by the Kamelet
+ items:
+ type: string
+ type: array
+ sources:
+ description: sources in any Camel DSL supported
+ items:
+ description: SourceSpec defines the configuration for one or more
+ routes to be executed in a certain Camel DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64 encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel DSL) used
+ to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the source (e.g.
+ if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by this
+ object
+ type: string
+ type: object
+ type: array
+ template:
+ description: the main source in YAML DSL
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ types:
+ additionalProperties:
+ description: |-
+ EventTypeSpec represents a specification for an event type.
+ Deprecated: In favor of using DataTypeSpec.
+ properties:
+ mediaType:
+ description: media type as expected for HTTP media types (ie,
+ application/json)
+ type: string
+ schema:
+ description: the expected schema for the event
+ properties:
+ $schema:
+ description: JSONSchemaURL represents a schema url.
+ type: string
+ description:
+ type: string
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ externalDocs:
+ description: ExternalDocumentation allows referencing an
+ external resource for extended documentation.
+ properties:
+ description:
+ type: string
+ url:
+ type: string
+ type: object
+ id:
+ type: string
+ properties:
+ additionalProperties:
+ properties:
+ default:
+ description: default is a default value for undefined
+ object fields.
+ x-kubernetes-preserve-unknown-fields: true
+ deprecated:
+ type: boolean
+ description:
+ type: string
+ enum:
+ items:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ example:
+ description: |-
+ JSON represents any valid JSON value.
+ These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
+ x-kubernetes-preserve-unknown-fields: true
+ exclusiveMaximum:
+ type: boolean
+ exclusiveMinimum:
+ type: boolean
+ format:
+ description: |-
+ format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
+
+
+ - bsonobjectid: a bson object ID, i.e. a 24 characters hex string
+ - uri: an URI as parsed by Golang net/url.ParseRequestURI
+ - email: an email address as parsed by Golang net/mail.ParseAddress
+ - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
+ - ipv4: an IPv4 IP as parsed by Golang net.ParseIP
+ - ipv6: an IPv6 IP as parsed by Golang net.ParseIP
+ - cidr: a CIDR as parsed by Golang net.ParseCIDR
+ - mac: a MAC address as parsed by Golang net.ParseMAC
+ - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
+ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
+ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
+ - isbn10: an ISBN10 number string like "0321751043"
+ - isbn13: an ISBN13 number string like "978-0321751041"
+ - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
+ - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
+ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
+ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
+ - byte: base64 encoded binary data
+ - password: any kind of string
+ - date: a date string like "2006-01-02" as defined by full-date in RFC3339
+ - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
+ - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ type: string
+ id:
+ type: string
+ maxItems:
+ format: int64
+ type: integer
+ maxLength:
+ format: int64
+ type: integer
+ maxProperties:
+ format: int64
+ type: integer
+ maximum:
+ description: A Number represents a JSON number literal.
+ type: string
+ minItems:
+ format: int64
+ type: integer
+ minLength:
+ format: int64
+ type: integer
+ minProperties:
+ format: int64
+ type: integer
+ minimum:
+ description: A Number represents a JSON number literal.
+ type: string
+ multipleOf:
+ description: A Number represents a JSON number literal.
+ type: string
+ nullable:
+ type: boolean
+ pattern:
+ type: string
+ title:
+ type: string
+ type:
+ type: string
+ uniqueItems:
+ type: boolean
+ x-descriptors:
+ description: XDescriptors is a list of extended properties
+ that trigger a custom behavior in external systems
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ items:
+ type: string
+ type: array
+ title:
+ type: string
+ type:
+ type: string
+ type: object
+ type: object
+ description: |-
+ data specification types for the events consumed/produced by the Kamelet
+ Deprecated: In favor of using DataTypes
+ type: object
+ type: object
+ status:
+ description: the actual status of the resource.
+ properties:
+ conditions:
+ description: Conditions --
+ items:
+ description: KameletCondition describes the state of a resource
+ at a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human-readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of kamelet condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this Kamelet.
+ format: int64
+ type: integer
+ phase:
+ description: Phase --
+ type: string
+ properties:
+ description: Properties --
+ items:
+ description: KameletProperty specify the behavior of a property
+ in a Kamelet.
+ properties:
+ default:
+ description: the default value of the property (if any)
+ type: string
+ name:
+ description: the name of the property
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: false
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.15.0
+ labels:
+ app: camel-k
+ name: pipes.camel.apache.org
+spec:
+ group: camel.apache.org
+ names:
+ categories:
+ - kamel
+ - camel
+ kind: Pipe
+ listKind: PipeList
+ plural: pipes
+ shortNames:
+ - pp
+ singular: pipe
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The Pipe phase
+ jsonPath: .status.phase
+ name: Phase
+ type: string
+ - description: The number of pods
+ jsonPath: .status.replicas
+ name: Replicas
+ type: integer
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Pipe is the Schema for the Pipe API.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: the specification of a Pipe
+ properties:
+ errorHandler:
+ description: ErrorHandler is an optional handler called upon an error
+ occurring in the integration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ integration:
+ description: |-
+ Integration is an optional integration used to specify custom parameters
+ Deprecated don't use this. Use trait annotations if you need to change any cluster configuration.
+ properties:
+ configuration:
+ description: |-
+ Deprecated:
+ Use camel trait (camel.properties) to manage properties
+ Use mount trait (mount.configs) to manage configs
+ Use mount trait (mount.resources) to manage resources
+ Use mount trait (mount.volumes) to manage volumes
+ items:
+ description: ConfigurationSpec represents a generic configuration
+ specification.
+ properties:
+ type:
+ description: 'represents the type of configuration, ie:
+ property, configmap, secret, ...'
+ type: string
+ value:
+ description: the value to assign to the configuration (syntax
+ may vary depending on the `Type`)
+ type: string
+ required:
+ - type
+ - value
+ type: object
+ type: array
+ dependencies:
+ description: the list of Camel or Maven dependencies required
+ by the Integration
+ items:
+ type: string
+ type: array
+ flows:
+ description: a source in YAML DSL language which contain the routes
+ to run
+ items:
+ description: Flow is an unstructured object representing a Camel
+ Flow in YAML/JSON DSL.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ integrationKit:
+ description: the reference of the `IntegrationKit` which is used
+ for this Integration
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ profile:
+ description: the profile needed to run this Integration
+ type: string
+ replicas:
+ description: the number of `Pods` needed for the running Integration
+ format: int32
+ type: integer
+ repositories:
+ description: additional Maven repositories to be used
+ items:
+ type: string
+ type: array
+ serviceAccountName:
+ description: custom SA to use for the Integration
+ type: string
+ sources:
+ description: the sources which contain the Camel routes to run
+ items:
+ description: SourceSpec defines the configuration for one or
+ more routes to be executed in a certain Camel DSL language.
+ properties:
+ compression:
+ description: if the content is compressed (base64 encrypted)
+ type: boolean
+ content:
+ description: the source code (plain text)
+ type: string
+ contentKey:
+ description: the confimap key holding the source content
+ type: string
+ contentRef:
+ description: the confimap reference holding the source content
+ type: string
+ contentType:
+ description: the content type (tipically text or binary)
+ type: string
+ from-kamelet:
+ description: True if the spec is generated from a Kamelet
+ type: boolean
+ interceptors:
+ description: |-
+ Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
+ uses to pre/post process sources
+ items:
+ type: string
+ type: array
+ language:
+ description: specify which is the language (Camel DSL) used
+ to interpret this source code
+ type: string
+ loader:
+ description: |-
+ Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
+ interpret this source at runtime
+ type: string
+ name:
+ description: the name of the specification
+ type: string
+ path:
+ description: the path where the file is stored
+ type: string
+ property-names:
+ description: List of property names defined in the source
+ (e.g. if type is "template")
+ items:
+ type: string
+ type: array
+ rawContent:
+ description: the source code (binary)
+ format: byte
+ type: string
+ type:
+ description: Type defines the kind of source described by
+ this object
+ type: string
+ type: object
+ type: array
+ template:
+ description: Pod template customization
+ properties:
+ spec:
+ description: the specification
+ properties:
+ activeDeadlineSeconds:
+ description: ActiveDeadlineSeconds
+ format: int64
+ type: integer
+ automountServiceAccountToken:
+ description: AutomountServiceAccountToken
+ type: boolean
+ containers:
+ description: Containers
+ items:
+ description: A single application container that you
+ want to run within a pod.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The container image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The container image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management to default or override
+ container images in workload controllers like Deployments and StatefulSets.
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: |-
+ Actions that the management system should take in response to container lifecycle events.
+ Cannot be updated.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: |-
+ Periodic probe of container liveness.
+ Container will be restarted if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: |-
+ List of ports to expose from the container. Not specifying a port here
+ DOES NOT prevent that port from being exposed. Any port which is
+ listening on the default "0.0.0.0" address inside a container will be
+ accessible from the network.
+ Modifying this array with strategic merge patch may corrupt the data.
+ For more information See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: |-
+ Periodic probe of container service readiness.
+ Container will be removed from service endpoints if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents
+ resource resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Compute Resources required by this container.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one
+ entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ RestartPolicy defines the restart behavior of individual containers in a pod.
+ This field may only be set for init containers, and the only allowed value is "Always".
+ For non-init containers or when this field is not specified,
+ the restart behavior is defined by the Pod's restart policy and the container type.
+ Setting the RestartPolicy as "Always" for the init container will have the following effect:
+ this init container will be continually restarted on
+ exit until all regular containers have terminated. Once all regular
+ containers have completed, all init containers with restartPolicy "Always"
+ will be shut down. This lifecycle differs from normal init containers and
+ is often referred to as a "sidecar" container. Although this init
+ container still starts in the init container sequence, it does not wait
+ for the container to complete before proceeding to the next init
+ container. Instead, the next init container starts immediately after this
+ init container is started, or after any startupProbe has successfully
+ completed.
+ type: string
+ securityContext:
+ description: |-
+ SecurityContext defines the security options the container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: |-
+ StartupProbe indicates that the Pod has successfully initialized.
+ If specified, no other probes are executed until this completes successfully.
+ If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
+ This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
+ when it might take a long time to load data or warm a cache, than during steady-state operation.
+ This cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsPolicy:
+ description: DNSPolicy
+ type: string
+ ephemeralContainers:
+ description: EphemeralContainers
+ items:
+ description: |-
+ An EphemeralContainer is a temporary container that you may add to an existing Pod for
+ user-initiated activities such as debugging. Ephemeral containers have no resource or
+ scheduling guarantees, and they will not be restarted when they exit or when a Pod is
+ removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
+ Pod to exceed its resource allocation.
+
+
+ To add an ephemeral container, use the ephemeralcontainers subresource of an existing
+ Pod. Ephemeral containers may not be removed or restarted.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: Lifecycle is not allowed for ephemeral
+ containers.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the ephemeral container specified as a DNS_LABEL.
+ This name must be unique among all containers, init containers and ephemeral containers.
+ type: string
+ ports:
+ description: Ports are not allowed for ephemeral
+ containers.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents
+ resource resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
+ already allocated to the pod.
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one
+ entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ Restart policy for the container to manage the restart behavior of each
+ container within a pod.
+ This may only be set for init containers. You cannot set this field on
+ ephemeral containers.
+ type: string
+ securityContext:
+ description: |-
+ Optional: SecurityContext defines the security options the ephemeral container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: Probes are not allowed for ephemeral
+ containers.
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ targetContainerName:
+ description: |-
+ If set, the name of the container from PodSpec that this ephemeral container targets.
+ The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.
+ If not set then the ephemeral container uses the namespaces configured in the Pod spec.
+
+
+ The container runtime must implement support for this feature. If the runtime does not
+ support namespace targeting then the result of setting this field is undefined.
+ type: string
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ initContainers:
+ description: InitContainers
+ items:
+ description: A single application container that you
+ want to run within a pod.
+ properties:
+ args:
+ description: |-
+ Arguments to the entrypoint.
+ The container image's CMD is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ command:
+ description: |-
+ Entrypoint array. Not executed within a shell.
+ The container image's ENTRYPOINT is used if this is not provided.
+ Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
+ produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Cannot be updated.
+ More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ items:
+ type: string
+ type: array
+ env:
+ description: |-
+ List of environment variables to set in the container.
+ Cannot be updated.
+ items:
+ description: EnvVar represents an environment
+ variable present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: |-
+ Variable references $(VAR_NAME) are expanded
+ using the previously defined environment variables in the container and
+ any service environment variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+ "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless of whether the variable
+ exists or not.
+ Defaults to "".
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: |-
+ Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
+ spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ description: Selects a key of a secret
+ in the pod's namespace
+ properties:
+ key:
+ description: The key of the secret
+ to select from. Must be a valid
+ secret key.
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: |-
+ List of sources to populate environment variables in the container.
+ The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is starting. When a key exists in multiple
+ sources, the value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will take precedence.
+ Cannot be updated.
+ items:
+ description: EnvFromSource represents the source
+ of a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a
+ C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: Specify whether the Secret
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: |-
+ Container image name.
+ More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config management to default or override
+ container images in workload controllers like Deployments and StatefulSets.
+ type: string
+ imagePullPolicy:
+ description: |-
+ Image pull policy.
+ One of Always, Never, IfNotPresent.
+ Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ type: string
+ lifecycle:
+ description: |-
+ Actions that the management system should take in response to container lifecycle events.
+ Cannot be updated.
+ properties:
+ postStart:
+ description: |-
+ PostStart is called immediately after a container is created. If the handler fails,
+ the container is terminated and restarted according to its restart policy.
+ Other management of the container blocks until the hook completes.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ description: |-
+ PreStop is called immediately before a container is terminated due to an
+ API request or management event such as liveness/startup probe failure,
+ preemption, resource contention, etc. The handler is not called if the
+ container crashes or exits. The Pod's termination grace period countdown begins before the
+ PreStop hook is executed. Regardless of the outcome of the handler, the
+ container will eventually terminate within the Pod's termination grace
+ period (unless delayed by finalizers). Other management of the container blocks until the hook completes
+ or until the termination grace period is reached.
+ More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ properties:
+ exec:
+ description: Exec specifies the action to
+ take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http
+ request to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in
+ the request. HTTP allows repeated
+ headers.
+ items:
+ description: HTTPHeader describes
+ a custom header to be used in HTTP
+ probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field
+ value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ sleep:
+ description: Sleep represents the duration
+ that the container should sleep before
+ being terminated.
+ properties:
+ seconds:
+ description: Seconds is the number of
+ seconds to sleep.
+ format: int64
+ type: integer
+ required:
+ - seconds
+ type: object
+ tcpSocket:
+ description: |-
+ Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
+ for the backward compatibility. There are no validation of this field and
+ lifecycle hooks will fail in runtime when tcp handler is specified.
+ properties:
+ host:
+ description: 'Optional: Host name to
+ connect to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ description: |-
+ Periodic probe of container liveness.
+ Container will be restarted if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: |-
+ Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: |-
+ List of ports to expose from the container. Not specifying a port here
+ DOES NOT prevent that port from being exposed. Any port which is
+ listening on the default "0.0.0.0" address inside a container will be
+ accessible from the network.
+ Modifying this array with strategic merge patch may corrupt the data.
+ For more information See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network
+ port in a single container.
+ properties:
+ containerPort:
+ description: |-
+ Number of port to expose on the pod's IP address.
+ This must be a valid port number, 0 < x < 65536.
+ format: int32
+ type: integer
+ hostIP:
+ description: What host IP to bind the external
+ port to.
+ type: string
+ hostPort:
+ description: |-
+ Number of port to expose on the host.
+ If specified, this must be a valid port number, 0 < x < 65536.
+ If HostNetwork is specified, this must match ContainerPort.
+ Most containers do not need this.
+ format: int32
+ type: integer
+ name:
+ description: |-
+ If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ named port in a pod must have a unique name. Name for the port that can be
+ referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: |-
+ Protocol for port. Must be UDP, TCP, or SCTP.
+ Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: |-
+ Periodic probe of container service readiness.
+ Container will be removed from service endpoints if the probe fails.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ description: Resources resize policy for the container.
+ items:
+ description: ContainerResizePolicy represents
+ resource resize policy for the container.
+ properties:
+ resourceName:
+ description: |-
+ Name of the resource to which this resource resize policy applies.
+ Supported values: cpu, memory.
+ type: string
+ restartPolicy:
+ description: |-
+ Restart policy to apply when specified resource is resized.
+ If not specified, it defaults to NotRequired.
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ description: |-
+ Compute Resources required by this container.
+ Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ properties:
+ claims:
+ description: |-
+ Claims lists the names of resources, defined in spec.resourceClaims,
+ that are used by this container.
+
+
+ This is an alpha field and requires enabling the
+ DynamicResourceAllocation feature gate.
+
+
+ This field is immutable. It can only be set for containers.
+ items:
+ description: ResourceClaim references one
+ entry in PodSpec.ResourceClaims.
+ properties:
+ name:
+ description: |-
+ Name must match the name of one entry in pod.spec.resourceClaims of
+ the Pod where this field is used. It makes that resource available
+ inside a container.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ restartPolicy:
+ description: |-
+ RestartPolicy defines the restart behavior of individual containers in a pod.
+ This field may only be set for init containers, and the only allowed value is "Always".
+ For non-init containers or when this field is not specified,
+ the restart behavior is defined by the Pod's restart policy and the container type.
+ Setting the RestartPolicy as "Always" for the init container will have the following effect:
+ this init container will be continually restarted on
+ exit until all regular containers have terminated. Once all regular
+ containers have completed, all init containers with restartPolicy "Always"
+ will be shut down. This lifecycle differs from normal init containers and
+ is often referred to as a "sidecar" container. Although this init
+ container still starts in the init container sequence, it does not wait
+ for the container to complete before proceeding to the next init
+ container. Instead, the next init container starts immediately after this
+ init container is started, or after any startupProbe has successfully
+ completed.
+ type: string
+ securityContext:
+ description: |-
+ SecurityContext defines the security options the container should be run with.
+ If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
+ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ properties:
+ allowPrivilegeEscalation:
+ description: |-
+ AllowPrivilegeEscalation controls whether a process can gain more
+ privileges than its parent process. This bool directly controls if
+ the no_new_privs flag will be set on the container process.
+ AllowPrivilegeEscalation is true always when the container is:
+ 1) run as Privileged
+ 2) has CAP_SYS_ADMIN
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ capabilities:
+ description: |-
+ The capabilities to add/drop when running containers.
+ Defaults to the default set of capabilities granted by the container runtime.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: Added capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX
+ capabilities type
+ type: string
+ type: array
+ type: object
+ privileged:
+ description: |-
+ Run container in privileged mode.
+ Processes in privileged containers are essentially equivalent to root on the host.
+ Defaults to false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ procMount:
+ description: |-
+ procMount denotes the type of proc mount to use for the containers.
+ The default is DefaultProcMount which uses the container runtime defaults for
+ readonly paths and masked paths.
+ This requires the ProcMountType feature flag to be enabled.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ readOnlyRootFilesystem:
+ description: |-
+ Whether this container has a read-only root filesystem.
+ Default is false.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to the container.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label
+ that applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label
+ that applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label
+ that applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label
+ that applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by this container. If seccomp options are
+ provided at both the pod & container level, the container options
+ override the pod options.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options from the PodSecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the
+ name of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ description: |-
+ StartupProbe indicates that the Pod has successfully initialized.
+ If specified, no other probes are executed until this completes successfully.
+ If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
+ This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
+ when it might take a long time to load data or warm a cache, than during steady-state operation.
+ This cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: |-
+ Command is the command line to execute inside the container, the working directory for the
+ command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ a shell, you need to explicitly call out to that shell.
+ Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: |-
+ Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ grpc:
+ description: GRPC specifies an action involving
+ a GRPC port.
+ properties:
+ port:
+ description: Port number of the gRPC service.
+ Number must be in the range 1 to 65535.
+ format: int32
+ type: integer
+ service:
+ description: |-
+ Service is the name of the service to place in the gRPC HealthCheckRequest
+ (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+
+
+ If this is not specified, the default behavior is defined by gRPC.
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: |-
+ Host name to connect to, defaults to the pod IP. You probably want to set
+ "Host" in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the
+ request. HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: |-
+ The header field name.
+ This will be canonicalized upon output, so case-variant names will be understood as the same header.
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP
+ server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Name or number of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: |-
+ Scheme to use for connecting to the host.
+ Defaults to HTTP.
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ description: |-
+ Number of seconds after the container has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ periodSeconds:
+ description: |-
+ How often (in seconds) to perform the probe.
+ Default to 10 seconds. Minimum value is 1.
+ format: int32
+ type: integer
+ successThreshold:
+ description: |-
+ Minimum consecutive successes for the probe to be considered successful after having failed.
+ Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Number or name of the port to access on the container.
+ Number must be in the range 1 to 65535.
+ Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ description: |-
+ Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
+ The grace period is the duration in seconds after the processes running in the pod are sent
+ a termination signal and the time when the processes are forcibly halted with a kill signal.
+ Set this value longer than the expected cleanup time for your process.
+ If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
+ value overrides the value provided by the pod spec.
+ Value must be non-negative integer. The value zero indicates stop immediately via
+ the kill signal (no opportunity to shut down).
+ This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
+ Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+ format: int64
+ type: integer
+ timeoutSeconds:
+ description: |-
+ Number of seconds after which the probe times out.
+ Defaults to 1 second. Minimum value is 1.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ description: |-
+ Whether this container should allocate a buffer for stdin in the container runtime. If this
+ is not set, reads from stdin in the container will always result in EOF.
+ Default is false.
+ type: boolean
+ stdinOnce:
+ description: |-
+ Whether the container runtime should close the stdin channel after it has been opened by
+ a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ at which time stdin is closed and remains closed until the container is restarted. If this
+ flag is false, a container processes that reads from stdin will never receive an EOF.
+ Default is false
+ type: boolean
+ terminationMessagePath:
+ description: |-
+ Optional: Path at which the file to which the container's termination message
+ will be written is mounted into the container's filesystem.
+ Message written is intended to be brief final status, such as an assertion failure message.
+ Will be truncated by the node if greater than 4096 bytes. The total message length across
+ all containers will be limited to 12kb.
+ Defaults to /dev/termination-log.
+ Cannot be updated.
+ type: string
+ terminationMessagePolicy:
+ description: |-
+ Indicate how the termination message should be populated. File will use the contents of
+ terminationMessagePath to populate the container status message on both success and failure.
+ FallbackToLogsOnError will use the last chunk of container log output if the termination
+ message file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ Defaults to File.
+ Cannot be updated.
+ type: string
+ tty:
+ description: |-
+ Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ Default is false.
+ type: boolean
+ volumeDevices:
+ description: volumeDevices is the list of block
+ devices to be used by the container.
+ items:
+ description: volumeDevice describes a mapping
+ of a raw block device within a container.
+ properties:
+ devicePath:
+ description: devicePath is the path inside
+ of the container that the device will be
+ mapped to.
+ type: string
+ name:
+ description: name must match the name of a
+ persistentVolumeClaim in the pod
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ description: |-
+ Pod volumes to mount into the container's filesystem.
+ Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting
+ of a Volume within a container.
+ properties:
+ mountPath:
+ description: |-
+ Path within the container at which the volume should be mounted. Must
+ not contain ':'.
+ type: string
+ mountPropagation:
+ description: |-
+ mountPropagation determines how mounts are propagated from the host
+ to container and the other way around.
+ When not set, MountPropagationNone is used.
+ This field is beta in 1.10.
+ type: string
+ name:
+ description: This must match the Name of a
+ Volume.
+ type: string
+ readOnly:
+ description: |-
+ Mounted read-only if true, read-write otherwise (false or unspecified).
+ Defaults to false.
+ type: boolean
+ subPath:
+ description: |-
+ Path within the volume from which the container's volume should be mounted.
+ Defaults to "" (volume's root).
+ type: string
+ subPathExpr:
+ description: |-
+ Expanded path within the volume from which the container's volume should be mounted.
+ Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ Defaults to "" (volume's root).
+ SubPathExpr and SubPath are mutually exclusive.
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: |-
+ Container's working directory.
+ If not specified, the container runtime's default will be used, which
+ might be configured in the container image.
+ Cannot be updated.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: NodeSelector
+ type: object
+ restartPolicy:
+ description: RestartPolicy
+ type: string
+ securityContext:
+ description: PodSecurityContext
+ properties:
+ fsGroup:
+ description: |-
+ A special supplemental group that applies to all containers in a pod.
+ Some volume types allow the Kubelet to change the ownership of that volume
+ to be owned by the pod:
+
+
+ 1. The owning GID will be the FSGroup
+ 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
+ 3. The permission bits are OR'd with rw-rw----
+
+
+ If unset, the Kubelet will not modify the ownership and permissions of any volume.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ fsGroupChangePolicy:
+ description: |-
+ fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
+ before being exposed inside Pod. This field will only apply to
+ volume types which support fsGroup based ownership(and permissions).
+ It will have no effect on ephemeral volume types such as: secret, configmaps
+ and emptydir.
+ Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
+ Note that this field cannot be set when spec.os.name is windows.
+ type: string
+ runAsGroup:
+ description: |-
+ The GID to run the entrypoint of the container process.
+ Uses runtime default if unset.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence
+ for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: |-
+ Indicates that the container must run as a non-root user.
+ If true, the Kubelet will validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start the container if it does.
+ If unset or false, no such validation will be performed.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: |-
+ The UID to run the entrypoint of the container process.
+ Defaults to user specified in image metadata if unspecified.
+ May also be set in SecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence
+ for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seLinuxOptions:
+ description: |-
+ The SELinux context to be applied to all containers.
+ If unspecified, the container runtime will allocate a random SELinux context for each
+ container. May also be set in SecurityContext. If set in
+ both SecurityContext and PodSecurityContext, the value specified in SecurityContext
+ takes precedence for that container.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ level:
+ description: Level is SELinux level label that
+ applies to the container.
+ type: string
+ role:
+ description: Role is a SELinux role label that
+ applies to the container.
+ type: string
+ type:
+ description: Type is a SELinux type label that
+ applies to the container.
+ type: string
+ user:
+ description: User is a SELinux user label that
+ applies to the container.
+ type: string
+ type: object
+ seccompProfile:
+ description: |-
+ The seccomp options to use by the containers in this pod.
+ Note that this field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: |-
+ localhostProfile indicates a profile defined in a file on the node should be used.
+ The profile must be preconfigured on the node to work.
+ Must be a descending path, relative to the kubelet's configured seccomp profile location.
+ Must be set if type is "Localhost". Must NOT be set for any other type.
+ type: string
+ type:
+ description: |-
+ type indicates which kind of seccomp profile will be applied.
+ Valid options are:
+
+
+ Localhost - a profile defined in a file on the node should be used.
+ RuntimeDefault - the container runtime default profile should be used.
+ Unconfined - no profile should be applied.
+ type: string
+ required:
+ - type
+ type: object
+ supplementalGroups:
+ description: |-
+ A list of groups applied to the first process run in each container, in addition
+ to the container's primary GID, the fsGroup (if specified), and group memberships
+ defined in the container image for the uid of the container process. If unspecified,
+ no additional groups are added to any container. Note that group memberships
+ defined in the container image for the uid of the container process are still effective,
+ even if they are not included in this list.
+ Note that this field cannot be set when spec.os.name is windows.
+ items:
+ format: int64
+ type: integer
+ type: array
+ sysctls:
+ description: |-
+ Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
+ sysctls (by the container runtime) might fail to launch.
+ Note that this field cannot be set when spec.os.name is windows.
+ items:
+ description: Sysctl defines a kernel parameter to
+ be set
+ properties:
+ name:
+ description: Name of a property to set
+ type: string
+ value:
+ description: Value of a property to set
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ windowsOptions:
+ description: |-
+ The Windows specific settings applied to all containers.
+ If unspecified, the options within a container's SecurityContext will be used.
+ If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name is linux.
+ properties:
+ gmsaCredentialSpec:
+ description: |-
+ GMSACredentialSpec is where the GMSA admission webhook
+ (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ GMSA credential spec named by the GMSACredentialSpecName field.
+ type: string
+ gmsaCredentialSpecName:
+ description: GMSACredentialSpecName is the name
+ of the GMSA credential spec to use.
+ type: string
+ hostProcess:
+ description: |-
+ HostProcess determines if a container should be run as a 'Host Process' container.
+ All of a Pod's containers must have the same effective HostProcess value
+ (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+ In addition, if HostProcess is true then HostNetwork must also be set to true.
+ type: boolean
+ runAsUserName:
+ description: |-
+ The UserName in Windows to run the entrypoint of the container process.
+ Defaults to the user specified in image metadata if unspecified.
+ May also be set in PodSecurityContext. If set in both SecurityContext and
+ PodSecurityContext, the value specified in SecurityContext takes precedence.
+ type: string
+ type: object
+ type: object
+ terminationGracePeriodSeconds:
+ description: TerminationGracePeriodSeconds
+ format: int64
+ type: integer
+ topologySpreadConstraints:
+ description: TopologySpreadConstraints
+ items:
+ description: TopologySpreadConstraint specifies how
+ to spread matching pods among the given topology.
+ properties:
+ labelSelector:
+ description: |-
+ LabelSelector is used to find matching pods.
+ Pods that match this label selector are counted to determine the number of pods
+ in their corresponding topology domain.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label
+ selector requirements. The requirements are
+ ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that
+ the selector applies to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ description: |-
+ MatchLabelKeys is a set of pod label keys to select the pods over which
+ spreading will be calculated. The keys are used to lookup values from the
+ incoming pod labels, those key-value labels are ANDed with labelSelector
+ to select the group of existing pods over which spreading will be calculated
+ for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
+ MatchLabelKeys cannot be set when LabelSelector isn't set.
+ Keys that don't exist in the incoming pod labels will
+ be ignored. A null or empty list means only match against labelSelector.
+
+
+ This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ maxSkew:
+ description: |-
+ MaxSkew describes the degree to which pods may be unevenly distributed.
+ When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
+ between the number of matching pods in the target topology and the global minimum.
+ The global minimum is the minimum number of matching pods in an eligible domain
+ or zero if the number of eligible domains is less than MinDomains.
+ For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
+ labelSelector spread as 2/2/1:
+ In this case, the global minimum is 1.
+ | zone1 | zone2 | zone3 |
+ | P P | P P | P |
+ - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
+ scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
+ violate MaxSkew(1).
+ - if MaxSkew is 2, incoming pod can be scheduled onto any zone.
+ When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
+ to topologies that satisfy it.
+ It's a required field. Default value is 1 and 0 is not allowed.
+ format: int32
+ type: integer
+ minDomains:
+ description: |-
+ MinDomains indicates a minimum number of eligible domains.
+ When the number of eligible domains with matching topology keys is less than minDomains,
+ Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
+ And when the number of eligible domains with matching topology keys equals or greater than minDomains,
+ this value has no effect on scheduling.
+ As a result, when the number of eligible domains is less than minDomains,
+ scheduler won't schedule more than maxSkew Pods to those domains.
+ If value is nil, the constraint behaves as if MinDomains is equal to 1.
+ Valid values are integers greater than 0.
+ When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
+
+
+ For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
+ labelSelector spread as 2/2/2:
+ | zone1 | zone2 | zone3 |
+ | P P | P P | P P |
+ The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
+ In this situation, new pod with the same labelSelector cannot be scheduled,
+ because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
+ it will violate MaxSkew.
+
+
+ This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+ format: int32
+ type: integer
+ nodeAffinityPolicy:
+ description: |-
+ NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
+ when calculating pod topology spread skew. Options are:
+ - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
+ - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
+
+
+ If this value is nil, the behavior is equivalent to the Honor policy.
+ This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
+ type: string
+ nodeTaintsPolicy:
+ description: |-
+ NodeTaintsPolicy indicates how we will treat node taints when calculating
+ pod topology spread skew. Options are:
+ - Honor: nodes without taints, along with tainted nodes for which the incoming pod
+ has a toleration, are included.
+ - Ignore: node taints are ignored. All nodes are included.
+
+
+ If this value is nil, the behavior is equivalent to the Ignore policy.
+ This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
+ type: string
+ topologyKey:
+ description: |-
+ TopologyKey is the key of node labels. Nodes that have a label with this key
+ and identical values are considered to be in the same topology.
+ We consider each as a "bucket", and try to put balanced number
+ of pods into each bucket.
+ We define a domain as a particular instance of a topology.
+ Also, we define an eligible domain as a domain whose nodes meet the requirements of
+ nodeAffinityPolicy and nodeTaintsPolicy.
+ e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
+ And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
+ It's a required field.
+ type: string
+ whenUnsatisfiable:
+ description: |-
+ WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
+ the spread constraint.
+ - DoNotSchedule (default) tells the scheduler not to schedule it.
+ - ScheduleAnyway tells the scheduler to schedule the pod in any location,
+ but giving higher precedence to topologies that would help reduce the
+ skew.
+ A constraint is considered "Unsatisfiable" for an incoming pod
+ if and only if every possible node assignment for that pod would violate
+ "MaxSkew" on some topology.
+ For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
+ labelSelector spread as 3/1/1:
+ | zone1 | zone2 | zone3 |
+ | P P P | P | P |
+ If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
+ to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
+ MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
+ won't make it *more* imbalanced.
+ It's a required field.
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ volumes:
+ description: Volumes
+ items:
+ description: Volume represents a named volume in a pod
+ that may be accessed by any container in the pod.
+ properties:
+ awsElasticBlockStore:
+ description: |-
+ awsElasticBlockStore represents an AWS Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ partition:
+ description: |-
+ partition is the partition in the volume that you want to mount.
+ If omitted, the default is to mount by volume name.
+ Examples: For volume /dev/sda1, you specify the partition as "1".
+ Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+ format: int32
+ type: integer
+ readOnly:
+ description: |-
+ readOnly value true will force the readOnly setting in VolumeMounts.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ type: boolean
+ volumeID:
+ description: |-
+ volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ description: azureDisk represents an Azure Data
+ Disk mount on the host and bind mount to the pod.
+ properties:
+ cachingMode:
+ description: 'cachingMode is the Host Caching
+ mode: None, Read Only, Read Write.'
+ type: string
+ diskName:
+ description: diskName is the Name of the data
+ disk in the blob storage
+ type: string
+ diskURI:
+ description: diskURI is the URI of data disk
+ in the blob storage
+ type: string
+ fsType:
+ description: |-
+ fsType is Filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ kind:
+ description: 'kind expected values are Shared:
+ multiple blob disks per storage account Dedicated:
+ single blob disk per storage account Managed:
+ azure managed data disk (only in managed availability
+ set). defaults to shared'
+ type: string
+ readOnly:
+ description: |-
+ readOnly Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ description: azureFile represents an Azure File
+ Service mount on the host and bind mount to the
+ pod.
+ properties:
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretName:
+ description: secretName is the name of secret
+ that contains Azure Storage Account Name and
+ Key
+ type: string
+ shareName:
+ description: shareName is the azure share Name
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ description: cephFS represents a Ceph FS mount on
+ the host that shares a pod's lifetime
+ properties:
+ monitors:
+ description: |-
+ monitors is Required: Monitors is a collection of Ceph monitors
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ items:
+ type: string
+ type: array
+ path:
+ description: 'path is Optional: Used as the
+ mounted root, rather than the full Ceph tree,
+ default is /'
+ type: string
+ readOnly:
+ description: |-
+ readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: boolean
+ secretFile:
+ description: |-
+ secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: string
+ secretRef:
+ description: |-
+ secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ description: |-
+ user is optional: User is the rados user name, default is admin
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ description: |-
+ cinder represents a cinder volume attached and mounted on kubelets host machine.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is optional: points to a secret object containing parameters used to connect
+ to OpenStack.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeID:
+ description: |-
+ volumeID used to identify the volume in cinder.
+ More info: https://examples.k8s.io/mysql-cinder-pd/README.md
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ description: configMap represents a configMap that
+ should populate this volume
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode is optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ ConfigMap will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the ConfigMap,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ csi:
+ description: csi (Container Storage Interface) represents
+ ephemeral storage that is handled by certain external
+ CSI drivers (Beta feature).
+ properties:
+ driver:
+ description: |-
+ driver is the name of the CSI driver that handles this volume.
+ Consult with your admin for the correct name as registered in the cluster.
+ type: string
+ fsType:
+ description: |-
+ fsType to mount. Ex. "ext4", "xfs", "ntfs".
+ If not provided, the empty value is passed to the associated CSI driver
+ which will determine the default filesystem to apply.
+ type: string
+ nodePublishSecretRef:
+ description: |-
+ nodePublishSecretRef is a reference to the secret object containing
+ sensitive information to pass to the CSI driver to complete the CSI
+ NodePublishVolume and NodeUnpublishVolume calls.
+ This field is optional, and may be empty if no secret is required. If the
+ secret object contains more than one secret, all secret references are passed.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ readOnly:
+ description: |-
+ readOnly specifies a read-only configuration for the volume.
+ Defaults to false (read/write).
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ description: |-
+ volumeAttributes stores driver-specific properties that are passed to the CSI
+ driver. Consult your driver's documentation for supported values.
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ description: downwardAPI represents downward API
+ about the pod that should populate this volume
+ properties:
+ defaultMode:
+ description: |-
+ Optional: mode bits to use on created files by default. Must be a
+ Optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: Items is a list of downward API
+ volume file
+ items:
+ description: DownwardAPIVolumeFile represents
+ information to create the file containing
+ the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects a field
+ of the pod: only annotations, labels,
+ name and namespace are supported.'
+ properties:
+ apiVersion:
+ description: Version of the schema
+ the FieldPath is written in terms
+ of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field to
+ select in the specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ description: |-
+ Optional: mode bits used to set permissions on this file, must be an octal value
+ between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path is the relative
+ path name of the file to be created.
+ Must not be absolute or contain the
+ ''..'' path. Must be utf-8 encoded.
+ The first item of the relative path
+ must not start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
+ properties:
+ containerName:
+ description: 'Container name: required
+ for volumes, optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource to
+ select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ description: |-
+ emptyDir represents a temporary directory that shares a pod's lifetime.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ properties:
+ medium:
+ description: |-
+ medium represents what type of storage medium should back this directory.
+ The default is "" which means to use the node's default medium.
+ Must be an empty string (default) or Memory.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ sizeLimit is the total amount of local storage required for this EmptyDir volume.
+ The size limit is also applicable for memory medium.
+ The maximum usage on memory medium EmptyDir would be the minimum value between
+ the SizeLimit specified here and the sum of memory limits of all containers in a pod.
+ The default is nil which means that the limit is undefined.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ description: |-
+ ephemeral represents a volume that is handled by a cluster storage driver.
+ The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
+ and deleted when the pod is removed.
+
+
+ Use this if:
+ a) the volume is only needed while the pod runs,
+ b) features of normal volumes like restoring from snapshot or capacity
+ tracking are needed,
+ c) the storage driver is specified through a storage class, and
+ d) the storage driver supports dynamic volume provisioning through
+ a PersistentVolumeClaim (see EphemeralVolumeSource for more
+ information on the connection between this volume type
+ and PersistentVolumeClaim).
+
+
+ Use PersistentVolumeClaim or one of the vendor-specific
+ APIs for volumes that persist for longer than the lifecycle
+ of an individual pod.
+
+
+ Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
+ be used that way - see the documentation of the driver for
+ more information.
+
+
+ A pod can use both types of ephemeral volumes and
+ persistent volumes at the same time.
+ properties:
+ volumeClaimTemplate:
+ description: |-
+ Will be used to create a stand-alone PVC to provision the volume.
+ The pod in which this EphemeralVolumeSource is embedded will be the
+ owner of the PVC, i.e. the PVC will be deleted together with the
+ pod. The name of the PVC will be `-` where
+ `` is the name from the `PodSpec.Volumes` array
+ entry. Pod validation will reject the pod if the concatenated name
+ is not valid for a PVC (for example, too long).
+
+
+ An existing PVC with that name that is not owned by the pod
+ will *not* be used for the pod to avoid using an unrelated
+ volume by mistake. Starting the pod is then blocked until
+ the unrelated PVC is removed. If such a pre-created PVC is
+ meant to be used by the pod, the PVC has to updated with an
+ owner reference to the pod once the pod exists. Normally
+ this should not be necessary, but it may be useful when
+ manually reconstructing a broken cluster.
+
+
+ This field is read-only and no changes will be made by Kubernetes
+ to the PVC after it has been created.
+
+
+ Required, must not be nil.
+ properties:
+ metadata:
+ description: |-
+ May contain labels and annotations that will be copied into the PVC
+ when creating it. No other fields are allowed and will be rejected during
+ validation.
+ type: object
+ spec:
+ description: |-
+ The specification for the PersistentVolumeClaim. The entire content is
+ copied unchanged into the PVC that gets created from this
+ template. The same fields as in a PersistentVolumeClaim
+ are also valid here.
+ properties:
+ accessModes:
+ description: |-
+ accessModes contains the desired access modes the volume should have.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
+ items:
+ type: string
+ type: array
+ dataSource:
+ description: |-
+ dataSource field can be used to specify either:
+ * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
+ * An existing PVC (PersistentVolumeClaim)
+ If the provisioner or an external controller can support the specified data source,
+ it will create a new volume based on the contents of the specified data source.
+ When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
+ and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
+ If the namespace is specified, then dataSourceRef will not be copied to dataSource.
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of
+ resource being referenced
+ type: string
+ name:
+ description: Name is the name of
+ resource being referenced
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ description: |-
+ dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
+ volume is desired. This may be any object from a non-empty API group (non
+ core object) or a PersistentVolumeClaim object.
+ When this field is specified, volume binding will only succeed if the type of
+ the specified object matches some installed volume populator or dynamic
+ provisioner.
+ This field will replace the functionality of the dataSource field and as such
+ if both fields are non-empty, they must have the same value. For backwards
+ compatibility, when namespace isn't specified in dataSourceRef,
+ both fields (dataSource and dataSourceRef) will be set to the same
+ value automatically if one of them is empty and the other is non-empty.
+ When namespace is specified in dataSourceRef,
+ dataSource isn't set to the same value and must be empty.
+ There are three important differences between dataSource and dataSourceRef:
+ * While dataSource only allows two specific types of objects, dataSourceRef
+ allows any non-core object, as well as PersistentVolumeClaim objects.
+ * While dataSource ignores disallowed values (dropping them), dataSourceRef
+ preserves all values, and generates an error if a disallowed value is
+ specified.
+ * While dataSource only allows local objects, dataSourceRef allows objects
+ in any namespaces.
+ (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
+ (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
+ properties:
+ apiGroup:
+ description: |-
+ APIGroup is the group for the resource being referenced.
+ If APIGroup is not specified, the specified Kind must be in the core API group.
+ For any other third-party types, APIGroup is required.
+ type: string
+ kind:
+ description: Kind is the type of
+ resource being referenced
+ type: string
+ name:
+ description: Name is the name of
+ resource being referenced
+ type: string
+ namespace:
+ description: |-
+ Namespace is the namespace of resource being referenced
+ Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
+ (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ description: |-
+ resources represents the minimum resources the volume should have.
+ If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
+ that are lower than previous value but must still be higher than capacity recorded in the
+ status field of the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Limits describes the maximum amount of compute resources allowed.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: |-
+ Requests describes the minimum amount of compute resources required.
+ If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ otherwise to an implementation-defined value. Requests cannot exceed Limits.
+ More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+ type: object
+ type: object
+ selector:
+ description: selector is a label query
+ over volumes to consider for binding.
+ properties:
+ matchExpressions:
+ description: matchExpressions is
+ a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label
+ key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ description: |-
+ storageClassName is the name of the StorageClass required by the claim.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+ type: string
+ volumeAttributesClassName:
+ description: |-
+ volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
+ If specified, the CSI driver will create or update the volume with the attributes defined
+ in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
+ it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
+ will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
+ If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
+ will be set by the persistentvolume controller if it exists.
+ If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
+ set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
+ exists.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
+ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+ type: string
+ volumeMode:
+ description: |-
+ volumeMode defines what type of volume is required by the claim.
+ Value of Filesystem is implied when not included in claim spec.
+ type: string
+ volumeName:
+ description: volumeName is the binding
+ reference to the PersistentVolume
+ backing this claim.
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ description: fc represents a Fibre Channel resource
+ that is attached to a kubelet's host machine and
+ then exposed to the pod.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ lun:
+ description: 'lun is Optional: FC target lun
+ number'
+ format: int32
+ type: integer
+ readOnly:
+ description: |-
+ readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ targetWWNs:
+ description: 'targetWWNs is Optional: FC target
+ worldwide names (WWNs)'
+ items:
+ type: string
+ type: array
+ wwids:
+ description: |-
+ wwids Optional: FC volume world wide identifiers (wwids)
+ Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ description: |-
+ flexVolume represents a generic volume resource that is
+ provisioned/attached using an exec based plugin.
+ properties:
+ driver:
+ description: driver is the name of the driver
+ to use for this volume.
+ type: string
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ description: 'options is Optional: this field
+ holds extra command options if any.'
+ type: object
+ readOnly:
+ description: |-
+ readOnly is Optional: defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is Optional: secretRef is reference to the secret object containing
+ sensitive information to pass to the plugin scripts. This may be
+ empty if no secret object is specified. If the secret object
+ contains more than one secret, all secrets are passed to the plugin
+ scripts.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - driver
+ type: object
+ flocker:
+ description: flocker represents a Flocker volume
+ attached to a kubelet's host machine. This depends
+ on the Flocker control service being running
+ properties:
+ datasetName:
+ description: |-
+ datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
+ should be considered as deprecated
+ type: string
+ datasetUUID:
+ description: datasetUUID is the UUID of the
+ dataset. This is unique identifier of a Flocker
+ dataset
+ type: string
+ type: object
+ gcePersistentDisk:
+ description: |-
+ gcePersistentDisk represents a GCE Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ properties:
+ fsType:
+ description: |-
+ fsType is filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ partition:
+ description: |-
+ partition is the partition in the volume that you want to mount.
+ If omitted, the default is to mount by volume name.
+ Examples: For volume /dev/sda1, you specify the partition as "1".
+ Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ format: int32
+ type: integer
+ pdName:
+ description: |-
+ pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ description: |-
+ gitRepo represents a git repository at a particular revision.
+ DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
+ EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
+ into the Pod's container.
+ properties:
+ directory:
+ description: |-
+ directory is the target directory name.
+ Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
+ git repository. Otherwise, if specified, the volume will contain the git repository in
+ the subdirectory with the given name.
+ type: string
+ repository:
+ description: repository is the URL
+ type: string
+ revision:
+ description: revision is the commit hash for
+ the specified revision.
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ description: |-
+ glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md
+ properties:
+ endpoints:
+ description: |-
+ endpoints is the endpoint name that details Glusterfs topology.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: string
+ path:
+ description: |-
+ path is the Glusterfs volume path.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
+ Defaults to false.
+ More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ description: |-
+ hostPath represents a pre-existing file or directory on the host
+ machine that is directly exposed to the container. This is generally
+ used for system agents or other privileged things that are allowed
+ to see the host machine. Most containers will NOT need this.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ ---
+ TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
+ mount host directories as read/write.
+ properties:
+ path:
+ description: |-
+ path of the directory on the host.
+ If the path is a symlink, it will follow the link to the real path.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ type: string
+ type:
+ description: |-
+ type for HostPath Volume
+ Defaults to ""
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ description: |-
+ iscsi represents an ISCSI Disk resource that is attached to a
+ kubelet's host machine and then exposed to the pod.
+ More info: https://examples.k8s.io/volumes/iscsi/README.md
+ properties:
+ chapAuthDiscovery:
+ description: chapAuthDiscovery defines whether
+ support iSCSI Discovery CHAP authentication
+ type: boolean
+ chapAuthSession:
+ description: chapAuthSession defines whether
+ support iSCSI Session CHAP authentication
+ type: boolean
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ initiatorName:
+ description: |-
+ initiatorName is the custom iSCSI Initiator Name.
+ If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
+ : will be created for the connection.
+ type: string
+ iqn:
+ description: iqn is the target iSCSI Qualified
+ Name.
+ type: string
+ iscsiInterface:
+ description: |-
+ iscsiInterface is the interface Name that uses an iSCSI transport.
+ Defaults to 'default' (tcp).
+ type: string
+ lun:
+ description: lun represents iSCSI Target Lun
+ number.
+ format: int32
+ type: integer
+ portals:
+ description: |-
+ portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
+ is other than default (typically TCP ports 860 and 3260).
+ items:
+ type: string
+ type: array
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ type: boolean
+ secretRef:
+ description: secretRef is the CHAP Secret for
+ iSCSI target and initiator authentication
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ targetPortal:
+ description: |-
+ targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
+ is other than default (typically TCP ports 860 and 3260).
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ description: |-
+ name of the volume.
+ Must be a DNS_LABEL and unique within the pod.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ nfs:
+ description: |-
+ nfs represents an NFS mount on the host that shares a pod's lifetime
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ properties:
+ path:
+ description: |-
+ path that is exported by the NFS server.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the NFS export to be mounted with read-only permissions.
+ Defaults to false.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: boolean
+ server:
+ description: |-
+ server is the hostname or IP address of the NFS server.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ description: |-
+ persistentVolumeClaimVolumeSource represents a reference to a
+ PersistentVolumeClaim in the same namespace.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ properties:
+ claimName:
+ description: |-
+ claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ type: string
+ readOnly:
+ description: |-
+ readOnly Will force the ReadOnly setting in VolumeMounts.
+ Default false.
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ description: photonPersistentDisk represents a PhotonController
+ persistent disk attached and mounted on kubelets
+ host machine
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ pdID:
+ description: pdID is the ID that identifies
+ Photon Controller persistent disk
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ description: portworxVolume represents a portworx
+ volume attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: |-
+ fSType represents the filesystem type to mount
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ volumeID:
+ description: volumeID uniquely identifies a
+ Portworx volume
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode are the mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ sources:
+ description: sources is the list of volume projections
+ items:
+ description: Projection that may be projected
+ along with other supported volume types
+ properties:
+ clusterTrustBundle:
+ description: |-
+ ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
+ of ClusterTrustBundle objects in an auto-updating file.
+
+
+ Alpha, gated by the ClusterTrustBundleProjection feature gate.
+
+
+ ClusterTrustBundle objects can either be selected by name, or by the
+ combination of signer name and a label selector.
+
+
+ Kubelet performs aggressive normalization of the PEM contents written
+ into the pod filesystem. Esoteric PEM features such as inter-block
+ comments and block headers are stripped. Certificates are deduplicated.
+ The ordering of certificates within the file is arbitrary, and Kubelet
+ may change the order over time.
+ properties:
+ labelSelector:
+ description: |-
+ Select all ClusterTrustBundles that match this label selector. Only has
+ effect if signerName is set. Mutually-exclusive with name. If unset,
+ interpreted as "match nothing". If set but empty, interpreted as "match
+ everything".
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the
+ label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ name:
+ description: |-
+ Select a single ClusterTrustBundle by object name. Mutually-exclusive
+ with signerName and labelSelector.
+ type: string
+ optional:
+ description: |-
+ If true, don't block pod startup if the referenced ClusterTrustBundle(s)
+ aren't available. If using name, then the named ClusterTrustBundle is
+ allowed not to exist. If using signerName, then the combination of
+ signerName and labelSelector is allowed to match zero
+ ClusterTrustBundles.
+ type: boolean
+ path:
+ description: Relative path from the
+ volume root to write the bundle.
+ type: string
+ signerName:
+ description: |-
+ Select all ClusterTrustBundles that match this signer name.
+ Mutually-exclusive with name. The contents of all selected
+ ClusterTrustBundles will be unified and deduplicated.
+ type: string
+ required:
+ - path
+ type: object
+ configMap:
+ description: configMap information about
+ the configMap data to project
+ properties:
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ ConfigMap will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the ConfigMap,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to
+ a path within a volume.
+ properties:
+ key:
+ description: key is the key
+ to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional specify whether
+ the ConfigMap or its keys must be
+ defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ downwardAPI:
+ description: downwardAPI information about
+ the downwardAPI data to project
+ properties:
+ items:
+ description: Items is a list of DownwardAPIVolume
+ file
+ items:
+ description: DownwardAPIVolumeFile
+ represents information to create
+ the file containing the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects
+ a field of the pod: only annotations,
+ labels, name and namespace
+ are supported.'
+ properties:
+ apiVersion:
+ description: Version of
+ the schema the FieldPath
+ is written in terms of,
+ defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the
+ field to select in the
+ specified API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ description: |-
+ Optional: mode bits used to set permissions on this file, must be an octal value
+ between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path
+ is the relative path name
+ of the file to be created.
+ Must not be absolute or contain
+ the ''..'' path. Must be utf-8
+ encoded. The first item of
+ the relative path must not
+ start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: |-
+ Selects a resource of the container: only resources limits and requests
+ (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
+ properties:
+ containerName:
+ description: 'Container
+ name: required for volumes,
+ optional for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the
+ output format of the exposed
+ resources, defaults to
+ "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required:
+ resource to select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ description: secret information about
+ the secret data to project
+ properties:
+ items:
+ description: |-
+ items if unspecified, each key-value pair in the Data field of the referenced
+ Secret will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the Secret,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to
+ a path within a volume.
+ properties:
+ key:
+ description: key is the key
+ to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ optional:
+ description: optional field specify
+ whether the Secret or its key must
+ be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ serviceAccountToken:
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to
+ project
+ properties:
+ audience:
+ description: |-
+ audience is the intended audience of the token. A recipient of a token
+ must identify itself with an identifier specified in the audience of the
+ token, and otherwise should reject the token. The audience defaults to the
+ identifier of the apiserver.
+ type: string
+ expirationSeconds:
+ description: |-
+ expirationSeconds is the requested duration of validity of the service
+ account token. As the token approaches expiration, the kubelet volume
+ plugin will proactively rotate the service account token. The kubelet will
+ start trying to rotate the token if the token is older than 80 percent of
+ its time to live or if the token is older than 24 hours.Defaults to 1 hour
+ and must be at least 10 minutes.
+ format: int64
+ type: integer
+ path:
+ description: |-
+ path is the path relative to the mount point of the file to project the
+ token into.
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ description: quobyte represents a Quobyte mount
+ on the host that shares a pod's lifetime
+ properties:
+ group:
+ description: |-
+ group to map volume access to
+ Default is no group
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the Quobyte volume to be mounted with read-only permissions.
+ Defaults to false.
+ type: boolean
+ registry:
+ description: |-
+ registry represents a single or multiple Quobyte Registry services
+ specified as a string as host:port pair (multiple entries are separated with commas)
+ which acts as the central registry for volumes
+ type: string
+ tenant:
+ description: |-
+ tenant owning the given Quobyte volume in the Backend
+ Used with dynamically provisioned Quobyte volumes, value is set by the plugin
+ type: string
+ user:
+ description: |-
+ user to map volume access to
+ Defaults to serivceaccount user
+ type: string
+ volume:
+ description: volume is a string that references
+ an already created Quobyte volume by name.
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ description: |-
+ rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
+ More info: https://examples.k8s.io/volumes/rbd/README.md
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type of the volume that you want to mount.
+ Tip: Ensure that the filesystem type is supported by the host operating system.
+ Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ TODO: how do we prevent errors in the filesystem from compromising the machine
+ type: string
+ image:
+ description: |-
+ image is the rados image name.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ keyring:
+ description: |-
+ keyring is the path to key ring for RBDUser.
+ Default is /etc/ceph/keyring.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ monitors:
+ description: |-
+ monitors is a collection of Ceph monitors.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ items:
+ type: string
+ type: array
+ pool:
+ description: |-
+ pool is the rados pool name.
+ Default is rbd.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ readOnly:
+ description: |-
+ readOnly here will force the ReadOnly setting in VolumeMounts.
+ Defaults to false.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef is name of the authentication secret for RBDUser. If provided
+ overrides keyring.
+ Default is nil.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ description: |-
+ user is the rados user name.
+ Default is admin.
+ More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ description: scaleIO represents a ScaleIO persistent
+ volume attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs".
+ Default is "xfs".
+ type: string
+ gateway:
+ description: gateway is the host address of
+ the ScaleIO API Gateway.
+ type: string
+ protectionDomain:
+ description: protectionDomain is the name of
+ the ScaleIO Protection Domain for the configured
+ storage.
+ type: string
+ readOnly:
+ description: |-
+ readOnly Defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef references to the secret for ScaleIO user and other
+ sensitive information. If this is not provided, Login operation will fail.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ sslEnabled:
+ description: sslEnabled Flag enable/disable
+ SSL communication with Gateway, default false
+ type: boolean
+ storageMode:
+ description: |-
+ storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
+ Default is ThinProvisioned.
+ type: string
+ storagePool:
+ description: storagePool is the ScaleIO Storage
+ Pool associated with the protection domain.
+ type: string
+ system:
+ description: system is the name of the storage
+ system as configured in ScaleIO.
+ type: string
+ volumeName:
+ description: |-
+ volumeName is the name of a volume already created in the ScaleIO system
+ that is associated with this volume source.
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ description: |-
+ secret represents a secret that should populate this volume.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
+ properties:
+ defaultMode:
+ description: |-
+ defaultMode is Optional: mode bits used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values
+ for mode bits. Defaults to 0644.
+ Directories within the path are not affected by this setting.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ items:
+ description: |-
+ items If unspecified, each key-value pair in the Data field of the referenced
+ Secret will be projected into the volume as a file whose name is the
+ key and content is the value. If specified, the listed keys will be
+ projected into the specified paths, and unlisted keys will not be
+ present. If a key is specified which is not present in the Secret,
+ the volume setup will error unless it is marked optional. Paths must be
+ relative and may not contain the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: |-
+ mode is Optional: mode bits used to set permissions on this file.
+ Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
+ YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
+ If not specified, the volume defaultMode will be used.
+ This might be in conflict with other options that affect the file
+ mode, like fsGroup, and the result can be other mode bits set.
+ format: int32
+ type: integer
+ path:
+ description: |-
+ path is the relative path of the file to map the key to.
+ May not be an absolute path.
+ May not contain the path element '..'.
+ May not start with the string '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ description: optional field specify whether
+ the Secret or its keys must be defined
+ type: boolean
+ secretName:
+ description: |-
+ secretName is the name of the secret in the pod's namespace to use.
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
+ type: string
+ type: object
+ storageos:
+ description: storageOS represents a StorageOS volume
+ attached and mounted on Kubernetes nodes.
+ properties:
+ fsType:
+ description: |-
+ fsType is the filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ readOnly:
+ description: |-
+ readOnly defaults to false (read/write). ReadOnly here will force
+ the ReadOnly setting in VolumeMounts.
+ type: boolean
+ secretRef:
+ description: |-
+ secretRef specifies the secret to use for obtaining the StorageOS API
+ credentials. If not specified, default values will be attempted.
+ properties:
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeName:
+ description: |-
+ volumeName is the human-readable name of the StorageOS volume. Volume
+ names are only unique within a namespace.
+ type: string
+ volumeNamespace:
+ description: |-
+ volumeNamespace specifies the scope of the volume within StorageOS. If no
+ namespace is specified then the Pod's namespace will be used. This allows the
+ Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
+ Set VolumeName to any name to override the default behaviour.
+ Set to "default" if you are not using namespaces within StorageOS.
+ Namespaces that do not pre-exist within StorageOS will be created.
+ type: string
+ type: object
+ vsphereVolume:
+ description: vsphereVolume represents a vSphere
+ volume attached and mounted on kubelets host machine
+ properties:
+ fsType:
+ description: |-
+ fsType is filesystem type to mount.
+ Must be a filesystem type supported by the host operating system.
+ Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ type: string
+ storagePolicyID:
+ description: storagePolicyID is the storage
+ Policy Based Management (SPBM) profile ID
+ associated with the StoragePolicyName.
+ type: string
+ storagePolicyName:
+ description: storagePolicyName is the storage
+ Policy Based Management (SPBM) profile name.
+ type: string
+ volumePath:
+ description: volumePath is the path that identifies
+ vSphere volume vmdk
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - containers
+ type: object
+ type: object
+ traits:
+ description: the traits needed to run this Integration
+ properties:
+ 3scale:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ addons:
+ additionalProperties:
+ description: AddonTrait represents the configuration of
+ an addon trait.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ description: The extension point with addon traits
+ type: object
+ affinity:
+ description: The configuration of Affinity trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ nodeAffinityLabels:
+ description: Defines a set of nodes the integration pod(s)
+ are eligible to be scheduled on, based on labels on
+ the node.
+ items:
+ type: string
+ type: array
+ podAffinity:
+ description: Always co-locates multiple replicas of the
+ integration in the same node (default `false`).
+ type: boolean
+ podAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should be co-located with.
+ items:
+ type: string
+ type: array
+ podAntiAffinity:
+ description: Never co-locates multiple replicas of the
+ integration in the same node (default `false`).
+ type: boolean
+ podAntiAffinityLabels:
+ description: |-
+ Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
+ integration pod(s) should not be co-located with.
+ items:
+ type: string
+ type: array
+ type: object
+ builder:
+ description: The configuration of Builder trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: When using `pod` strategy, annotation to
+ use for the builder pod.
+ type: object
+ baseImage:
+ description: |-
+ Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
+ installed and ready to use on path (ie `/usr/bin/java`).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ incrementalImageBuild:
+ description: Use the incremental image build option, to
+ reuse existing containers (default `true`)
+ type: boolean
+ limitCPU:
+ description: |-
+ When using `pod` strategy, the maximum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ limitMemory:
+ description: |-
+ When using `pod` strategy, the maximum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ mavenProfiles:
+ description: |-
+ A list of references pointing to configmaps/secrets that contains a maven profile.
+ This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
+ The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
+ items:
+ type: string
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: Defines a set of nodes the builder pod is
+ eligible to be scheduled on, based on labels on the
+ node.
+ type: object
+ orderStrategy:
+ description: The build order strategy to use, either `dependencies`,
+ `fifo` or `sequential` (default is the platform default)
+ enum:
+ - dependencies
+ - fifo
+ - sequential
+ type: string
+ platforms:
+ description: The list of manifest platforms to use to
+ build a container image (default `linux/amd64`).
+ items:
+ type: string
+ type: array
+ properties:
+ description: A list of properties to be provided to the
+ build task
+ items:
+ type: string
+ type: array
+ requestCPU:
+ description: |-
+ When using `pod` strategy, the minimum amount of CPU required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ requestMemory:
+ description: |-
+ When using `pod` strategy, the minimum amount of memory required by the pod builder.
+ Deprecated: use TasksRequestCPU instead with task name `builder`.
+ type: string
+ strategy:
+ description: The strategy to use, either `pod` or `routine`
+ (default `routine`)
+ enum:
+ - pod
+ - routine
+ type: string
+ tasks:
+ description: A list of tasks to be executed (available
+ only when using `pod` strategy) with format `;;`.
+ items:
+ type: string
+ type: array
+ tasksFilter:
+ description: |-
+ A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
+ Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
+ if you need to execute them. Useful only with `pod` strategy.
+ type: string
+ tasksLimitCPU:
+ description: A list of limit cpu configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksLimitMemory:
+ description: A list of limit memory configuration for
+ the specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestCPU:
+ description: A list of request cpu configuration for the
+ specific task with format `:`.
+ items:
+ type: string
+ type: array
+ tasksRequestMemory:
+ description: A list of request memory configuration for
+ the specific task with format `:`.
+ items:
+ type: string
+ type: array
+ verbose:
+ description: |-
+ Enable verbose logging on build components that support it (e.g. Kaniko build pod).
+ Deprecated no longer in use
+ type: boolean
+ type: object
+ camel:
+ description: The configuration of Camel trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ properties:
+ description: A list of properties to be provided to the
+ Integration runtime
+ items:
+ type: string
+ type: array
+ runtimeVersion:
+ description: |-
+ The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
+ You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
+ to the best matching Catalog existing on the cluster.
+ type: string
+ type: object
+ container:
+ description: The configuration of Container trait
+ properties:
+ allowPrivilegeEscalation:
+ description: Security Context AllowPrivilegeEscalation
+ configuration (default false).
+ type: boolean
+ auto:
+ description: To automatically enable the trait
+ type: boolean
+ capabilitiesAdd:
+ description: Security Context Capabilities Add configuration
+ (default none).
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ capabilitiesDrop:
+ description: Security Context Capabilities Drop configuration
+ (default ALL).
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ expose:
+ description: Can be used to enable/disable exposure via
+ kubernetes Service.
+ type: boolean
+ image:
+ description: |-
+ The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
+ won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
+ Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
+ type: string
+ imagePullPolicy:
+ description: 'The pull policy: Always|Never|IfNotPresent'
+ enum:
+ - Always
+ - Never
+ - IfNotPresent
+ type: string
+ limitCPU:
+ description: The maximum amount of CPU to be provided
+ (default 500 millicores).
+ type: string
+ limitMemory:
+ description: The maximum amount of memory to be provided
+ (default 512 Mi).
+ type: string
+ name:
+ description: The main container name. It's named `integration`
+ by default.
+ type: string
+ port:
+ description: To configure a different port exposed by
+ the container (default `8080`).
+ type: integer
+ portName:
+ description: To configure a different port name for the
+ port exposed by the container. It defaults to `http`
+ only when the `expose` parameter is true.
+ type: string
+ requestCPU:
+ description: The minimum amount of CPU required (default
+ 125 millicores).
+ type: string
+ requestMemory:
+ description: The minimum amount of memory required (default
+ 128 Mi).
+ type: string
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration
+ (default false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration
+ (default none): this value is automatically retrieved
+ in Openshift clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ servicePort:
+ description: To configure under which service port the
+ container port is to be exposed (default `80`).
+ type: integer
+ servicePortName:
+ description: To configure under which service port name
+ the container port is to be exposed (default `http`).
+ type: string
+ type: object
+ cron:
+ description: The configuration of Cron trait
+ properties:
+ activeDeadlineSeconds:
+ description: |-
+ Specifies the duration in seconds, relative to the start time, that the job
+ may be continuously active before it is considered to be failed.
+ It defaults to 60s.
+ format: int64
+ type: integer
+ auto:
+ description: |-
+ Automatically deploy the integration as CronJob when all routes are
+ either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
+
+
+ It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
+ while `35m` or `50s` cannot).
+ type: boolean
+ backoffLimit:
+ description: |-
+ Specifies the number of retries before marking the job failed.
+ It defaults to 2.
+ format: int32
+ type: integer
+ components:
+ description: |-
+ A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
+ A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
+ activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
+
+
+ Supported components are currently: `cron`, `timer` and `quartz`.
+ type: string
+ concurrencyPolicy:
+ description: |-
+ Specifies how to treat concurrent executions of a Job.
+ Valid values are:
+ - "Allow": allows CronJobs to run concurrently;
+ - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
+ - "Replace": cancels currently running job and replaces it with a new one
+ enum:
+ - Allow
+ - Forbid
+ - Replace
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ fallback:
+ description: |-
+ Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
+ as Kubernetes CronJob.
+ type: boolean
+ schedule:
+ description: |-
+ The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
+ mechanism to work correctly.
+ type: string
+ startingDeadlineSeconds:
+ description: |-
+ Optional deadline in seconds for starting the job if it misses scheduled
+ time for any reason. Missed jobs executions will be counted as failed ones.
+ format: int64
+ type: integer
+ timeZone:
+ description: The timezone that the CronJob will run on
+ type: string
+ type: object
+ dependencies:
+ description: The configuration of Dependencies trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ deployer:
+ description: The configuration of Deployer trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ kind:
+ description: Allows to explicitly select the desired deployment
+ kind between `deployment`, `cron-job` or `knative-service`
+ when creating the resources for running the integration.
+ enum:
+ - deployment
+ - cron-job
+ - knative-service
+ type: string
+ useSSA:
+ description: |-
+ Use server-side apply to update the owned resources (default `true`).
+ Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
+ type: boolean
+ type: object
+ deployment:
+ description: The configuration of Deployment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ progressDeadlineSeconds:
+ description: |-
+ The maximum time in seconds for the deployment to make progress before it
+ is considered to be failed. It defaults to `60s`.
+ format: int32
+ type: integer
+ rollingUpdateMaxSurge:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be scheduled above the desired number of
+ pods.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ This can not be 0 if MaxUnavailable is 0.
+ Absolute number is calculated from percentage by rounding up.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ rollingUpdateMaxUnavailable:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ The maximum number of pods that can be unavailable during the update.
+ Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ Absolute number is calculated from percentage by rounding down.
+ This can not be 0 if MaxSurge is 0.
+ Defaults to `25%`.
+ x-kubernetes-int-or-string: true
+ strategy:
+ description: The deployment strategy to use to replace
+ existing pods with new ones.
+ enum:
+ - Recreate
+ - RollingUpdate
+ type: string
+ type: object
+ environment:
+ description: The configuration of Environment trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ containerMeta:
+ description: Enables injection of `NAMESPACE` and `POD_NAME`
+ environment variables (default `true`)
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ httpProxy:
+ description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY`
+ and `NO_PROXY` environment variables (default `true`)
+ type: boolean
+ vars:
+ description: |-
+ A list of environment variables to be added to the integration container.
+ The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
+ These take precedence over the previously defined environment variables.
+ items:
+ type: string
+ type: array
+ type: object
+ error-handler:
+ description: The configuration of Error Handler trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ ref:
+ description: The error handler ref name provided or found
+ in application properties
+ type: string
+ type: object
+ gc:
+ description: The configuration of GC trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryCache:
+ description: |-
+ Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
+ Deprecated: to be removed from trait configuration.
+ enum:
+ - disabled
+ - disk
+ - memory
+ type: string
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ type: object
+ health:
+ description: The configuration of Health trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ livenessFailureThreshold:
+ description: Minimum consecutive failures for the liveness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ livenessInitialDelay:
+ description: Number of seconds after the container has
+ started before the liveness probe is initiated.
+ format: int32
+ type: integer
+ livenessPeriod:
+ description: How often to perform the liveness probe.
+ format: int32
+ type: integer
+ livenessProbe:
+ description: The liveness probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ livenessProbeEnabled:
+ description: Configures the liveness probe for the integration
+ container (default `false`).
+ type: boolean
+ livenessScheme:
+ description: Scheme to use when connecting to the liveness
+ probe (default `HTTP`).
+ type: string
+ livenessSuccessThreshold:
+ description: Minimum consecutive successes for the liveness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ livenessTimeout:
+ description: Number of seconds after which the liveness
+ probe times out.
+ format: int32
+ type: integer
+ readinessFailureThreshold:
+ description: Minimum consecutive failures for the readiness
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ readinessInitialDelay:
+ description: Number of seconds after the container has
+ started before the readiness probe is initiated.
+ format: int32
+ type: integer
+ readinessPeriod:
+ description: How often to perform the readiness probe.
+ format: int32
+ type: integer
+ readinessProbe:
+ description: The readiness probe path to use (default
+ provided by the Catalog runtime used).
+ type: string
+ readinessProbeEnabled:
+ description: Configures the readiness probe for the integration
+ container (default `true`).
+ type: boolean
+ readinessScheme:
+ description: Scheme to use when connecting to the readiness
+ probe (default `HTTP`).
+ type: string
+ readinessSuccessThreshold:
+ description: Minimum consecutive successes for the readiness
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ readinessTimeout:
+ description: Number of seconds after which the readiness
+ probe times out.
+ format: int32
+ type: integer
+ startupFailureThreshold:
+ description: Minimum consecutive failures for the startup
+ probe to be considered failed after having succeeded.
+ format: int32
+ type: integer
+ startupInitialDelay:
+ description: Number of seconds after the container has
+ started before the startup probe is initiated.
+ format: int32
+ type: integer
+ startupPeriod:
+ description: How often to perform the startup probe.
+ format: int32
+ type: integer
+ startupProbe:
+ description: The startup probe path to use (default provided
+ by the Catalog runtime used).
+ type: string
+ startupProbeEnabled:
+ description: Configures the startup probe for the integration
+ container (default `false`).
+ type: boolean
+ startupScheme:
+ description: Scheme to use when connecting to the startup
+ probe (default `HTTP`).
+ type: string
+ startupSuccessThreshold:
+ description: Minimum consecutive successes for the startup
+ probe to be considered successful after having failed.
+ format: int32
+ type: integer
+ startupTimeout:
+ description: Number of seconds after which the startup
+ probe times out.
+ format: int32
+ type: integer
+ type: object
+ ingress:
+ description: The configuration of Ingress trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to the ingress.
+ This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
+ See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ type: object
+ auto:
+ description: To automatically add an ingress whenever
+ the integration uses an HTTP endpoint consumer.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the ingress.
+ type: string
+ path:
+ description: To configure the path exposed by the ingress
+ (default `/`).
+ type: string
+ pathType:
+ description: |-
+ To configure the path type exposed by the ingress.
+ One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
+ enum:
+ - Exact
+ - Prefix
+ - ImplementationSpecific
+ type: string
+ tlsHosts:
+ description: To configure tls hosts
+ items:
+ type: string
+ type: array
+ tlsSecretName:
+ description: To configure tls secret name
+ type: string
+ type: object
+ istio:
+ description: The configuration of Istio trait
+ properties:
+ allow:
+ description: Configures a (comma-separated) list of CIDR
+ subnets that should not be intercepted by the Istio
+ proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by
+ default).
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ inject:
+ description: Forces the value for labels `sidecar.istio.io/inject`.
+ By default the label is set to `true` on deployment
+ and not set on Knative Service.
+ type: boolean
+ type: object
+ jolokia:
+ description: The configuration of Jolokia trait
+ properties:
+ CACert:
+ description: |-
+ The PEM encoded CA certification file path, used to verify client certificates,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
+ type: string
+ clientPrincipal:
+ description: |-
+ The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ discoveryEnabled:
+ description: Listen for multicast requests (default `false`)
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ extendedClientCheck:
+ description: |-
+ Mandate the client certificate contains a client flag in the extended key usage section,
+ applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
+ (default `true` for OpenShift).
+ type: boolean
+ host:
+ description: |-
+ The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
+ the servers binds to every network interface (default `"*"`).
+ type: string
+ options:
+ description: |-
+ A list of additional Jolokia options as defined
+ in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
+ items:
+ type: string
+ type: array
+ password:
+ description: The password used for authentication, applicable
+ when the `user` option is set.
+ type: string
+ port:
+ description: The Jolokia endpoint port (default `8778`).
+ type: integer
+ protocol:
+ description: The protocol to use, either `http` or `https`
+ (default `https` for OpenShift)
+ type: string
+ useSSLClientAuthentication:
+ description: Whether client certificates should be used
+ for authentication (default `true` for OpenShift).
+ type: boolean
+ user:
+ description: The user to be used for authentication
+ type: string
+ type: object
+ jvm:
+ description: The configuration of JVM trait
+ properties:
+ classpath:
+ description: Additional JVM classpath (use `Linux` classpath
+ separator)
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ debug:
+ description: Activates remote debugging, so that a debugger
+ can be attached to the JVM, e.g., using port-forwarding
+ type: boolean
+ debugAddress:
+ description: Transport address at which to listen for
+ the newly launched JVM (default `*:5005`)
+ type: string
+ debugSuspend:
+ description: Suspends the target JVM immediately before
+ the main class is loaded
+ type: boolean
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ jar:
+ description: The Jar dependency which will run the application.
+ Leave it empty for managed Integrations.
+ type: string
+ options:
+ description: A list of JVM options
+ items:
+ type: string
+ type: array
+ printCommand:
+ description: |-
+ Prints the command used the start the JVM in the container logs (default `true`)
+ Deprecated: no longer in use.
+ type: boolean
+ type: object
+ kamelets:
+ description: The configuration of Kamelets trait
+ properties:
+ auto:
+ description: Automatically inject all referenced Kamelets
+ and their default configuration (enabled by default)
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ list:
+ description: Comma separated list of Kamelet names to
+ load into the current integration
+ type: string
+ mountPoint:
+ description: The directory where the application mounts
+ and reads Kamelet spec (default `/etc/camel/kamelets`)
+ type: string
+ type: object
+ keda:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ knative:
+ description: The configuration of Knative trait
+ properties:
+ auto:
+ description: Enable automatic discovery of all trait properties.
+ type: boolean
+ channelSinks:
+ description: |-
+ List of channels used as destination of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ channelSources:
+ description: |-
+ List of channels used as source of integration routes.
+ Can contain simple channel names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ config:
+ description: Can be used to inject a Knative complete
+ configuration in JSON format.
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ endpointSinks:
+ description: |-
+ List of endpoints used as destination of integration routes.
+ Can contain simple endpoint names or full Camel URIs.
+ items:
+ type: string
+ type: array
+ endpointSources:
+ description: List of channels used as source of integration
+ routes.
+ items:
+ type: string
+ type: array
+ eventSinks:
+ description: |-
+ List of event types that the integration will produce.
+ Can contain simple event types or full Camel URIs (to use a specific broker).
+ items:
+ type: string
+ type: array
+ eventSources:
+ description: |-
+ List of event types that the integration will be subscribed to.
+ Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
+ items:
+ type: string
+ type: array
+ filterEventType:
+ description: |-
+ Enables the default filtering for the Knative trigger using the event type
+ If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
+ type: boolean
+ filterSourceChannels:
+ description: |-
+ Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
+ Knative, filtering is disabled by default.
+ type: boolean
+ filters:
+ description: |-
+ Sets filter attributes on the event stream (such as event type, source, subject and so on).
+ A list of key-value pairs that represent filter attributes and its values.
+ The syntax is KEY=VALUE, e.g., `source="my.source"`.
+ Filter attributes get set on the Knative trigger that is being created as part of this integration.
+ items:
+ type: string
+ type: array
+ namespaceLabel:
+ description: |-
+ Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
+ As Knative requires this label to perform injection of K_SINK URL into the service.
+ If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
+ type: boolean
+ sinkBinding:
+ description: |-
+ Allows binding the integration to a sink via a Knative SinkBinding resource.
+ This can be used when the integration targets a single sink.
+ It's enabled by default when the integration targets a single sink
+ (except when the integration is owned by a Knative source).
+ type: boolean
+ type: object
+ knative-service:
+ description: The configuration of Knative Service trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set knative service specific annotations
+ CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ auto:
+ description: |-
+ Automatically deploy the integration as Knative service when all conditions hold:
+
+
+ * Integration is using the Knative profile
+ * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
+ type: boolean
+ autoscalingMetric:
+ description: |-
+ Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ type: string
+ autoscalingTarget:
+ description: |-
+ Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ class:
+ description: |-
+ Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - kpa.autoscaling.knative.dev
+ - hpa.autoscaling.knative.dev
+ type: string
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ maxScale:
+ description: |-
+ An upper bound for the number of Pods that can be running in parallel for the integration.
+ Knative has its own cap value that depends on the installation.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ minScale:
+ description: |-
+ The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
+ the integration is scaled down to zero when not used for a configured amount of time.
+
+
+ Refer to the Knative documentation for more information.
+ type: integer
+ rolloutDuration:
+ description: |-
+ Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
+ It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
+ rounded to a second precision.
+ type: string
+ timeoutSeconds:
+ description: |-
+ The maximum duration in seconds that the request instance is allowed to respond to a request.
+ This field propagates to the integration pod's terminationGracePeriodSeconds
+
+
+ Refer to the Knative documentation for more information.
+ format: int64
+ type: integer
+ visibility:
+ description: |-
+ Setting `cluster-local`, Knative service becomes a private service.
+ Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
+
+
+ Refer to the Knative documentation for more information.
+ enum:
+ - cluster-local
+ type: string
+ type: object
+ logging:
+ description: The configuration of Logging trait
+ properties:
+ color:
+ description: Colorize the log output
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ format:
+ description: Logs message format
+ type: string
+ json:
+ description: Output the logs in JSON
+ type: boolean
+ jsonPrettyPrint:
+ description: Enable "pretty printing" of the JSON logs
+ type: boolean
+ level:
+ description: Adjust the logging level (defaults to `INFO`)
+ enum:
+ - FATAL
+ - WARN
+ - INFO
+ - DEBUG
+ - TRACE
+ type: string
+ type: object
+ master:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ mount:
+ description: The configuration of Mount trait
+ properties:
+ configs:
+ description: |-
+ A list of configuration pointing to configmap/secret.
+ The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
+ They are also made available on the classpath in order to ease their usage directly from the Route.
+ Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ emptyDirs:
+ description: 'A list of EmptyDir volumes to be mounted.
+ Syntax: [name:/container/path]'
+ items:
+ type: string
+ type: array
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ hotReload:
+ description: |-
+ Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
+ marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
+ changes in metadata.
+ type: boolean
+ resources:
+ description: |-
+ A list of resources (text or binary content) pointing to configmap/secret.
+ The resources are expected to be any resource type (text or binary content).
+ The destination path can be either a default location or any path specified by the user.
+ Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
+ items:
+ type: string
+ type: array
+ scanKameletsImplicitLabelSecrets:
+ description: |-
+ Deprecated: include your properties in an explicit property file backed by a secret.
+ Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
+ These secrets are mounted to the application and treated as plain properties file with their key/value list
+ (ie .spec.data["camel.my-property"] = my-value) (default `true`).
+ type: boolean
+ volumes:
+ description: 'A list of Persistent Volume Claims to be
+ mounted. Syntax: [pvcname:/container/path]'
+ items:
+ type: string
+ type: array
+ type: object
+ openapi:
+ description: The configuration of OpenAPI trait
+ properties:
+ configmaps:
+ description: The configmaps holding the spec of the OpenAPI
+ (compatible with > 3.0 spec only).
+ items:
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ type: object
+ owner:
+ description: The configuration of Owner trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ targetAnnotations:
+ description: The set of annotations to be transferred
+ items:
+ type: string
+ type: array
+ targetLabels:
+ description: The set of labels to be transferred
+ items:
+ type: string
+ type: array
+ type: object
+ pdb:
+ description: The configuration of PDB trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ maxUnavailable:
+ description: |-
+ The number of pods for the Integration that can be unavailable after an eviction.
+ It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
+ Only one of `max-unavailable` and `min-available` can be specified.
+ type: string
+ minAvailable:
+ description: |-
+ The number of pods for the Integration that must still be available after an eviction.
+ It can be either an absolute number or a percentage.
+ Only one of `min-available` and `max-unavailable` can be specified.
+ type: string
+ type: object
+ platform:
+ description: The configuration of Platform trait
+ properties:
+ auto:
+ description: |-
+ To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ createDefault:
+ description: |-
+ To create a default (empty) platform when the platform is missing.
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ global:
+ description: |-
+ Indicates if the platform should be created globally in the case of global operator (default true).
+ Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
+ type: boolean
+ type: object
+ pod:
+ description: The configuration of Pod trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ type: object
+ prometheus:
+ description: The configuration of Prometheus trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ podMonitor:
+ description: Whether a `PodMonitor` resource is created
+ (default `true`).
+ type: boolean
+ podMonitorLabels:
+ description: The `PodMonitor` resource labels, applicable
+ when `pod-monitor` is `true`.
+ items:
+ type: string
+ type: array
+ type: object
+ pull-secret:
+ description: The configuration of Pull Secret trait
+ properties:
+ auto:
+ description: Automatically configures the platform registry
+ secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ imagePullerDelegation:
+ description: When using a global operator with a shared
+ platform, this enables delegation of the `system:image-puller`
+ cluster role on the operator namespace to the integration
+ service account.
+ type: boolean
+ secretName:
+ description: The pull secret name to set on the Pod. If
+ left empty this is automatically taken from the `IntegrationPlatform`
+ registry configuration.
+ type: string
+ type: object
+ quarkus:
+ description: The configuration of Quarkus trait
+ properties:
+ buildMode:
+ description: |-
+ The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
+ In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
+ with the `native` kit having precedence over the `jvm` one once ready.
+ items:
+ description: QuarkusMode is the type of Quarkus build
+ packaging.
+ enum:
+ - jvm
+ - native
+ type: string
+ type: array
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ nativeBaseImage:
+ description: The base image to use when running a native
+ build (default `quay.io/quarkus/quarkus-micro-image:2.0`)
+ type: string
+ nativeBuilderImage:
+ description: The image containing the tooling required
+ for a native build (by default it will use the one provided
+ in the runtime catalog)
+ type: string
+ packageTypes:
+ description: |-
+ The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
+ In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
+ with the native kit having precedence over the `fast-jar` one once ready.
+ The order influences the resolution of the current kit for the integration.
+ The kit corresponding to the first package type will be assigned to the
+ integration in case no existing kit that matches the integration exists.
+ Deprecated: use `build-mode` instead.
+ items:
+ description: |-
+ QuarkusPackageType is the type of Quarkus build packaging.
+ Deprecated: use `QuarkusMode` instead.
+ enum:
+ - fast-jar
+ - native
+ type: string
+ type: array
+ type: object
+ registry:
+ description: |-
+ The configuration of Registry trait (support removed since version 2.5.0).
+ Deprecated: use jvm trait or read documentation.
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ type: object
+ route:
+ description: The configuration of Route trait
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: |-
+ The annotations added to route.
+ This can be used to set route specific annotations
+ For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
+ CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
+ type: object
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ host:
+ description: To configure the host exposed by the route.
+ type: string
+ tlsCACertificate:
+ description: |-
+ The TLS CA certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCACertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificate:
+ description: |-
+ The TLS certificate contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsCertificateSecret:
+ description: |-
+ The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificate:
+ description: |-
+ The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
+ termination this file should be provided in order to have routers use it for health checks on the secure connection.
+ If this field is not specified, the router may provide its own destination CA and perform hostname validation using
+ the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
+ verify.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsDestinationCACertificateSecret:
+ description: |-
+ The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsInsecureEdgeTerminationPolicy:
+ description: |-
+ To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - None
+ - Allow
+ - Redirect
+ type: string
+ tlsKey:
+ description: |-
+ The TLS certificate key contents.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsKeySecret:
+ description: |-
+ The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
+
+
+ Refer to the OpenShift route documentation for additional information.
+ type: string
+ tlsTermination:
+ description: |-
+ The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
+
+
+ Refer to the OpenShift route documentation for additional information.
+ enum:
+ - edge
+ - reencrypt
+ - passthrough
+ type: string
+ type: object
+ security-context:
+ description: The configuration of Security Context trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: 'Deprecated: no longer in use.'
+ type: boolean
+ runAsNonRoot:
+ description: Security Context RunAsNonRoot configuration
+ (default false).
+ type: boolean
+ runAsUser:
+ description: 'Security Context RunAsUser configuration
+ (default none): this value is automatically retrieved
+ in Openshift clusters when not explicitly set.'
+ format: int64
+ type: integer
+ seccompProfileType:
+ description: Security Context SeccompProfileType configuration
+ (default RuntimeDefault).
+ enum:
+ - Unconfined
+ - RuntimeDefault
+ type: string
+ type: object
+ service:
+ description: The configuration of Service trait
+ properties:
+ auto:
+ description: To automatically detect from the code if
+ a Service needs to be created.
+ type: boolean
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ nodePort:
+ description: |-
+ Enable Service to be exposed as NodePort (default `false`).
+ Deprecated: Use service type instead.
+ type: boolean
+ type:
+ description: The type of service to be used, either 'ClusterIP',
+ 'NodePort' or 'LoadBalancer'.
+ enum:
+ - ClusterIP
+ - NodePort
+ - LoadBalancer
+ type: string
+ type: object
+ service-binding:
+ description: The configuration of Service Binding trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ services:
+ description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
+ items:
+ type: string
+ type: array
+ type: object
+ strimzi:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ toleration:
+ description: The configuration of Toleration trait
+ properties:
+ configuration:
+ description: |-
+ Legacy trait configuration parameters.
+ Deprecated: for backward compatibility.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enabled:
+ description: Can be used to enable or disable a trait.
+ All traits share this common property.
+ type: boolean
+ taints:
+ description: The list of taints to tolerate, in the form
+ `Key[=Value]:Effect[:Seconds]`
+ items:
+ type: string
+ type: array
+ type: object
+ tracing:
+ description: 'Deprecated: for backward compatibility.'
+ properties:
+ configuration:
+ description: TraitConfiguration parameters configuration
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - configuration
+ type: object
+ type: object
+ type: object
+ replicas:
+ description: Replicas is the number of desired replicas for the Pipe
+ format: int32
+ type: integer
+ serviceAccountName:
+ description: Custom SA to use for the Pipe
+ type: string
+ sink:
+ description: Sink is the destination of the integration defined by
+ this Pipe
+ properties:
+ dataTypes:
+ additionalProperties:
+ description: DataTypeReference references to the specification
+ of a data type by its scheme and format name.
+ properties:
+ format:
+ description: the data type format name
+ type: string
+ scheme:
+ description: the data type component scheme
+ type: string
+ type: object
+ description: DataTypes defines the data type of the data produced/consumed
+ by the endpoint and references a given data type specification.
+ type: object
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ uri:
+ description: URI can be used to specify the (Camel) endpoint explicitly
+ type: string
+ type: object
+ source:
+ description: Source is the starting point of the integration defined
+ by this Pipe
+ properties:
+ dataTypes:
+ additionalProperties:
+ description: DataTypeReference references to the specification
+ of a data type by its scheme and format name.
+ properties:
+ format:
+ description: the data type format name
+ type: string
+ scheme:
+ description: the data type component scheme
+ type: string
+ type: object
+ description: DataTypes defines the data type of the data produced/consumed
+ by the endpoint and references a given data type specification.
+ type: object
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ uri:
+ description: URI can be used to specify the (Camel) endpoint explicitly
+ type: string
+ type: object
+ steps:
+ description: Steps contains an optional list of intermediate steps
+ that are executed between the Source and the Sink
+ items:
+ description: Endpoint represents a source/sink external entity (could
+ be any Kubernetes resource or Camel URI).
+ properties:
+ dataTypes:
+ additionalProperties:
+ description: DataTypeReference references to the specification
+ of a data type by its scheme and format name.
+ properties:
+ format:
+ description: the data type format name
+ type: string
+ scheme:
+ description: the data type component scheme
+ type: string
+ type: object
+ description: DataTypes defines the data type of the data produced/consumed
+ by the endpoint and references a given data type specification.
+ type: object
+ properties:
+ description: Properties are a key value representation of endpoint
+ properties
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ref:
+ description: Ref can be used to declare a Kubernetes resource
+ as source/sink endpoint
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ fieldPath:
+ description: |-
+ If referring to a piece of an object instead of an entire object, this string
+ should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ For example, if the object reference is to a container within a pod, this would take on a value like:
+ "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ the event) or if no container name is specified "spec.containers[2]" (container with
+ index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ referencing a part of an object.
+ TODO: this design is not final and this field is subject to change in the future.
+ type: string
+ kind:
+ description: |-
+ Kind of the referent.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ name:
+ description: |-
+ Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ type: string
+ namespace:
+ description: |-
+ Namespace of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ type: string
+ resourceVersion:
+ description: |-
+ Specific resourceVersion to which this reference is made, if any.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+ type: string
+ uid:
+ description: |-
+ UID of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ uri:
+ description: URI can be used to specify the (Camel) endpoint
+ explicitly
+ type: string
+ type: object
+ type: array
+ type: object
+ status:
+ description: the status of a Pipe
+ properties:
+ conditions:
+ description: Conditions --
+ items:
+ description: PipeCondition describes the state of a resource at
+ a certain point.
+ properties:
+ lastTransitionTime:
+ description: Last time the condition transitioned from one status
+ to another.
+ format: date-time
+ type: string
+ lastUpdateTime:
+ description: The last time this condition was updated.
+ format: date-time
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ pods:
+ description: Pods collect health and conditions information
+ from the owned PODs
+ items:
+ properties:
+ condition:
+ description: PodCondition contains details for the current
+ condition of this pod.
+ properties:
+ lastProbeTime:
+ description: Last time we probed the condition.
+ format: date-time
+ type: string
+ lastTransitionTime:
+ description: Last time the condition transitioned
+ from one status to another.
+ format: date-time
+ type: string
+ message:
+ description: Human-readable message indicating details
+ about last transition.
+ type: string
+ reason:
+ description: Unique, one-word, CamelCase reason for
+ the condition's last transition.
+ type: string
+ status:
+ description: |-
+ Status is the status of the condition.
+ Can be True, False, Unknown.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ type: string
+ type:
+ description: |-
+ Type is the type of the condition.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ health:
+ items:
+ properties:
+ data:
+ description: |-
+ RawMessage is a raw encoded JSON value.
+ It implements Marshaler and Unmarshaler and can
+ be used to delay JSON decoding or precompute a JSON encoding.
+ x-kubernetes-preserve-unknown-fields: true
+ name:
+ type: string
+ status:
+ type: string
+ type: object
+ type: array
+ name:
+ type: string
+ required:
+ - condition
+ type: object
+ type: array
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of pipe condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the most recent generation observed
+ for this Pipe.
+ format: int64
+ type: integer
+ phase:
+ description: Phase --
+ type: string
+ replicas:
+ description: Replicas is the number of actual replicas of the pipe
+ format: int32
+ type: integer
+ selector:
+ description: Selector allows to identify pods belonging to the pipe
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ scale:
+ labelSelectorPath: .status.selector
+ specReplicasPath: .spec.replicas
+ statusReplicasPath: .status.replicas
+ status: {}
diff --git a/helm/camel-k/crds/crd-build.yaml b/helm/camel-k/crds/crd-build.yaml
deleted file mode 100644
index 3c0cc4bba8..0000000000
--- a/helm/camel-k/crds/crd-build.yaml
+++ /dev/null
@@ -1,2075 +0,0 @@
-# ---------------------------------------------------------------------------
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ---------------------------------------------------------------------------
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.15.0
- name: builds.camel.apache.org
-spec:
- group: camel.apache.org
- names:
- categories:
- - kamel
- - camel
- kind: Build
- listKind: BuildList
- plural: builds
- shortNames:
- - ikb
- singular: build
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The build phase
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: The time at which the build was created
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: The time at which the build was last (re-)started
- jsonPath: .status.startedAt
- name: Started
- type: date
- - description: The build last execution duration
- jsonPath: .status.duration
- name: Duration
- type: string
- - description: The number of execution attempts
- jsonPath: .status.failure.recovery.attempt
- name: Attempts
- type: integer
- name: v1
- schema:
- openAPIV3Schema:
- description: Build is the Schema for the builds API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: |-
- BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate
- to think it as pipeline.
- properties:
- configuration:
- description: |-
- The configuration that should be used to perform the Build.
- Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod. Only used
- for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only used for
- `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required. Only used
- for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod. Only used
- for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder Pod (must
- be the same of the operator in charge of this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to build a container
- image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only used for
- `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required. Only used
- for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the build.
- type: string
- type: object
- maxRunningBuilds:
- description: |-
- the maximum amount of parallel running builds started by this operator instance
- Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
- format: int32
- type: integer
- operatorNamespace:
- description: |-
- The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation).
- Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
- type: string
- tasks:
- description: The sequence of tasks (pipeline) to be performed.
- items:
- description: Task represents the abstract task. Only one of the
- task should be configured to represent the specific task chosen.
- properties:
- buildah:
- description: |-
- a BuildahTask, for Buildah strategy
- Deprecated: use jib, s2i or a custom publishing strategy instead
- properties:
- baseImage:
- description: base image layer
- type: string
- configuration:
- description: The configuration that should be used to perform
- the Build.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod.
- Only used for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only
- used for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required.
- Only used for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod.
- Only used for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder
- Pod (must be the same of the operator in charge of
- this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to
- build a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only
- used for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required.
- Only used for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the
- build.
- type: string
- type: object
- contextDir:
- description: can be useful to share info with other tasks
- type: string
- executorImage:
- description: docker image to use
- type: string
- image:
- description: final image name
- type: string
- name:
- description: name of the task
- type: string
- platform:
- description: The platform of build image
- type: string
- registry:
- description: where to publish the final image
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate
- Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie,
- http only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- verbose:
- description: log more information
- type: boolean
- type: object
- builder:
- description: a BuilderTask, used to generate and build the project
- properties:
- baseImage:
- description: the base image layer
- type: string
- buildDir:
- description: workspace directory to use
- type: string
- configuration:
- description: The configuration that should be used to perform
- the Build.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod.
- Only used for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only
- used for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required.
- Only used for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod.
- Only used for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder
- Pod (must be the same of the operator in charge of
- this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to
- build a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only
- used for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required.
- Only used for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the
- build.
- type: string
- type: object
- dependencies:
- description: the list of dependencies to use for this build
- items:
- type: string
- type: array
- maven:
- description: the configuration required by Maven for the
- application build phase
- properties:
- caSecrets:
- description: |-
- The Secrets name and key, containing the CA certificate(s) used to connect
- to remote Maven repositories.
- It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
- A JKS formatted keystore is automatically created to store the CA certificate(s),
- and configured to be used as a trusted certificate(s) by the Maven commands.
- Note that the root CA certificates are also imported into the created keystore.
- items:
- description: SecretKeySelector selects a key of a
- Secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: array
- cliOptions:
- description: |-
- The CLI options that are appended to the list of arguments for Maven commands,
- e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
- See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
- items:
- type: string
- type: array
- extension:
- description: |-
- The Maven build extensions.
- See https://maven.apache.org/guides/mini/guide-using-extensions.html.
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- localRepository:
- description: The path of the local Maven repository.
- type: string
- profiles:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven profile.
- items:
- description: ValueSource --.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- properties:
- additionalProperties:
- type: string
- description: The Maven properties.
- type: object
- repositories:
- description: additional repositories
- items:
- description: Repository defines a Maven repository.
- properties:
- id:
- description: identifies the repository
- type: string
- name:
- description: name of the repository
- type: string
- releases:
- description: can use stable releases
- properties:
- checksumPolicy:
- description: |-
- When Maven deploys files to the repository, it also deploys corresponding checksum files.
- Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
- type: string
- enabled:
- description: is the policy activated or not
- type: boolean
- updatePolicy:
- description: |-
- This element specifies how often updates should attempt to occur.
- Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
- The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
- type: string
- required:
- - enabled
- type: object
- snapshots:
- description: can use snapshot
- properties:
- checksumPolicy:
- description: |-
- When Maven deploys files to the repository, it also deploys corresponding checksum files.
- Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
- type: string
- enabled:
- description: is the policy activated or not
- type: boolean
- updatePolicy:
- description: |-
- This element specifies how often updates should attempt to occur.
- Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
- The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
- type: string
- required:
- - enabled
- type: object
- url:
- description: location of the repository
- type: string
- required:
- - id
- - url
- type: object
- type: array
- servers:
- description: Servers (auth)
- items:
- description: Server see link:https://maven.apache.org/settings.html[Maven
- settings].
- properties:
- configuration:
- additionalProperties:
- type: string
- description: Properties -- .
- type: object
- id:
- type: string
- password:
- type: string
- username:
- type: string
- type: object
- type: array
- settings:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- settingsSecurity:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the security of the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: object
- name:
- description: name of the task
- type: string
- runtime:
- description: the configuration required for the runtime
- application
- properties:
- applicationClass:
- description: application entry point (main) to be executed
- type: string
- capabilities:
- additionalProperties:
- description: |-
- Capability is a particular feature which requires a well known set of dependencies and other properties
- which are specified in the runtime catalog.
- properties:
- buildTimeProperties:
- description: Set of required Camel build time
- properties
- items:
- description: CamelProperty represents a Camel
- property that may end up in an application.properties
- file.
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- type: object
- type: array
- dependencies:
- description: List of required Maven dependencies
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- metadata:
- additionalProperties:
- type: string
- description: Set of generic metadata
- type: object
- runtimeProperties:
- description: Set of required Camel runtime properties
- items:
- description: CamelProperty represents a Camel
- property that may end up in an application.properties
- file.
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- type: object
- type: array
- type: object
- description: features offered by this runtime
- type: object
- dependencies:
- description: list of dependencies needed to run the
- application
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- metadata:
- additionalProperties:
- type: string
- description: set of metadata
- type: object
- provider:
- description: Camel main application provider, ie, Camel
- Quarkus
- type: string
- version:
- description: Camel K Runtime version
- type: string
- required:
- - applicationClass
- - dependencies
- - provider
- - version
- type: object
- sources:
- description: the sources to add at build time
- items:
- description: SourceSpec defines the configuration for
- one or more routes to be executed in a certain Camel
- DSL language.
- properties:
- compression:
- description: if the content is compressed (base64
- encrypted)
- type: boolean
- content:
- description: the source code (plain text)
- type: string
- contentKey:
- description: the confimap key holding the source content
- type: string
- contentRef:
- description: the confimap reference holding the source
- content
- type: string
- contentType:
- description: the content type (tipically text or binary)
- type: string
- from-kamelet:
- description: True if the spec is generated from a
- Kamelet
- type: boolean
- interceptors:
- description: |-
- Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
- uses to pre/post process sources
- items:
- type: string
- type: array
- language:
- description: specify which is the language (Camel
- DSL) used to interpret this source code
- type: string
- loader:
- description: |-
- Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
- interpret this source at runtime
- type: string
- name:
- description: the name of the specification
- type: string
- path:
- description: the path where the file is stored
- type: string
- property-names:
- description: List of property names defined in the
- source (e.g. if type is "template")
- items:
- type: string
- type: array
- rawContent:
- description: the source code (binary)
- format: byte
- type: string
- type:
- description: Type defines the kind of source described
- by this object
- type: string
- type: object
- type: array
- steps:
- description: the list of steps to execute (see pkg/builder/)
- items:
- type: string
- type: array
- type: object
- custom:
- description: User customizable task execution. These are executed
- after the build and before the package task.
- properties:
- command:
- description: |-
- the command to execute
- Deprecated: use ContainerCommands
- type: string
- commands:
- description: the command to execute
- items:
- type: string
- type: array
- configuration:
- description: The configuration that should be used to perform
- the Build.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod.
- Only used for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only
- used for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required.
- Only used for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod.
- Only used for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder
- Pod (must be the same of the operator in charge of
- this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to
- build a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only
- used for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required.
- Only used for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the
- build.
- type: string
- type: object
- image:
- description: the container image to use
- type: string
- name:
- description: name of the task
- type: string
- publishingImage:
- description: the desired image build name
- type: string
- userId:
- description: the user id used to run the container
- format: int64
- type: integer
- type: object
- jib:
- description: a JibTask, for Jib strategy
- properties:
- baseImage:
- description: base image layer
- type: string
- configuration:
- description: The configuration that should be used to perform
- the Build.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod.
- Only used for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only
- used for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required.
- Only used for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod.
- Only used for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder
- Pod (must be the same of the operator in charge of
- this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to
- build a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only
- used for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required.
- Only used for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the
- build.
- type: string
- type: object
- contextDir:
- description: can be useful to share info with other tasks
- type: string
- image:
- description: final image name
- type: string
- name:
- description: name of the task
- type: string
- registry:
- description: where to publish the final image
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate
- Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie,
- http only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- type: object
- kaniko:
- description: |-
- a KanikoTask, for Kaniko strategy
- Deprecated: use jib, s2i or a custom publishing strategy instead
- properties:
- baseImage:
- description: base image layer
- type: string
- cache:
- description: use a cache
- properties:
- enabled:
- description: true if a cache is enabled
- type: boolean
- persistentVolumeClaim:
- description: the PVC used to store the cache
- type: string
- type: object
- configuration:
- description: The configuration that should be used to perform
- the Build.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod.
- Only used for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only
- used for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required.
- Only used for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod.
- Only used for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder
- Pod (must be the same of the operator in charge of
- this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to
- build a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only
- used for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required.
- Only used for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the
- build.
- type: string
- type: object
- contextDir:
- description: can be useful to share info with other tasks
- type: string
- executorImage:
- description: docker image to use
- type: string
- image:
- description: final image name
- type: string
- name:
- description: name of the task
- type: string
- registry:
- description: where to publish the final image
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate
- Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie,
- http only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- verbose:
- description: log more information
- type: boolean
- type: object
- package:
- description: |-
- Application pre publishing
- a PackageTask, used to package the project
- properties:
- baseImage:
- description: the base image layer
- type: string
- buildDir:
- description: workspace directory to use
- type: string
- configuration:
- description: The configuration that should be used to perform
- the Build.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod.
- Only used for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only
- used for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required.
- Only used for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod.
- Only used for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder
- Pod (must be the same of the operator in charge of
- this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to
- build a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only
- used for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required.
- Only used for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the
- build.
- type: string
- type: object
- dependencies:
- description: the list of dependencies to use for this build
- items:
- type: string
- type: array
- maven:
- description: the configuration required by Maven for the
- application build phase
- properties:
- caSecrets:
- description: |-
- The Secrets name and key, containing the CA certificate(s) used to connect
- to remote Maven repositories.
- It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
- A JKS formatted keystore is automatically created to store the CA certificate(s),
- and configured to be used as a trusted certificate(s) by the Maven commands.
- Note that the root CA certificates are also imported into the created keystore.
- items:
- description: SecretKeySelector selects a key of a
- Secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: array
- cliOptions:
- description: |-
- The CLI options that are appended to the list of arguments for Maven commands,
- e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
- See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
- items:
- type: string
- type: array
- extension:
- description: |-
- The Maven build extensions.
- See https://maven.apache.org/guides/mini/guide-using-extensions.html.
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- localRepository:
- description: The path of the local Maven repository.
- type: string
- profiles:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven profile.
- items:
- description: ValueSource --.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- properties:
- additionalProperties:
- type: string
- description: The Maven properties.
- type: object
- repositories:
- description: additional repositories
- items:
- description: Repository defines a Maven repository.
- properties:
- id:
- description: identifies the repository
- type: string
- name:
- description: name of the repository
- type: string
- releases:
- description: can use stable releases
- properties:
- checksumPolicy:
- description: |-
- When Maven deploys files to the repository, it also deploys corresponding checksum files.
- Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
- type: string
- enabled:
- description: is the policy activated or not
- type: boolean
- updatePolicy:
- description: |-
- This element specifies how often updates should attempt to occur.
- Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
- The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
- type: string
- required:
- - enabled
- type: object
- snapshots:
- description: can use snapshot
- properties:
- checksumPolicy:
- description: |-
- When Maven deploys files to the repository, it also deploys corresponding checksum files.
- Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
- type: string
- enabled:
- description: is the policy activated or not
- type: boolean
- updatePolicy:
- description: |-
- This element specifies how often updates should attempt to occur.
- Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
- The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
- type: string
- required:
- - enabled
- type: object
- url:
- description: location of the repository
- type: string
- required:
- - id
- - url
- type: object
- type: array
- servers:
- description: Servers (auth)
- items:
- description: Server see link:https://maven.apache.org/settings.html[Maven
- settings].
- properties:
- configuration:
- additionalProperties:
- type: string
- description: Properties -- .
- type: object
- id:
- type: string
- password:
- type: string
- username:
- type: string
- type: object
- type: array
- settings:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- settingsSecurity:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the security of the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: object
- name:
- description: name of the task
- type: string
- runtime:
- description: the configuration required for the runtime
- application
- properties:
- applicationClass:
- description: application entry point (main) to be executed
- type: string
- capabilities:
- additionalProperties:
- description: |-
- Capability is a particular feature which requires a well known set of dependencies and other properties
- which are specified in the runtime catalog.
- properties:
- buildTimeProperties:
- description: Set of required Camel build time
- properties
- items:
- description: CamelProperty represents a Camel
- property that may end up in an application.properties
- file.
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- type: object
- type: array
- dependencies:
- description: List of required Maven dependencies
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- metadata:
- additionalProperties:
- type: string
- description: Set of generic metadata
- type: object
- runtimeProperties:
- description: Set of required Camel runtime properties
- items:
- description: CamelProperty represents a Camel
- property that may end up in an application.properties
- file.
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- type: object
- type: array
- type: object
- description: features offered by this runtime
- type: object
- dependencies:
- description: list of dependencies needed to run the
- application
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- metadata:
- additionalProperties:
- type: string
- description: set of metadata
- type: object
- provider:
- description: Camel main application provider, ie, Camel
- Quarkus
- type: string
- version:
- description: Camel K Runtime version
- type: string
- required:
- - applicationClass
- - dependencies
- - provider
- - version
- type: object
- sources:
- description: the sources to add at build time
- items:
- description: SourceSpec defines the configuration for
- one or more routes to be executed in a certain Camel
- DSL language.
- properties:
- compression:
- description: if the content is compressed (base64
- encrypted)
- type: boolean
- content:
- description: the source code (plain text)
- type: string
- contentKey:
- description: the confimap key holding the source content
- type: string
- contentRef:
- description: the confimap reference holding the source
- content
- type: string
- contentType:
- description: the content type (tipically text or binary)
- type: string
- from-kamelet:
- description: True if the spec is generated from a
- Kamelet
- type: boolean
- interceptors:
- description: |-
- Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
- uses to pre/post process sources
- items:
- type: string
- type: array
- language:
- description: specify which is the language (Camel
- DSL) used to interpret this source code
- type: string
- loader:
- description: |-
- Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
- interpret this source at runtime
- type: string
- name:
- description: the name of the specification
- type: string
- path:
- description: the path where the file is stored
- type: string
- property-names:
- description: List of property names defined in the
- source (e.g. if type is "template")
- items:
- type: string
- type: array
- rawContent:
- description: the source code (binary)
- format: byte
- type: string
- type:
- description: Type defines the kind of source described
- by this object
- type: string
- type: object
- type: array
- steps:
- description: the list of steps to execute (see pkg/builder/)
- items:
- type: string
- type: array
- type: object
- s2i:
- description: a S2iTask, for S2I strategy
- properties:
- baseImage:
- description: base image layer
- type: string
- configuration:
- description: The configuration that should be used to perform
- the Build.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod.
- Only used for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only
- used for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required.
- Only used for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod.
- Only used for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder
- Pod (must be the same of the operator in charge of
- this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to
- build a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only
- used for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required.
- Only used for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the
- build.
- type: string
- type: object
- contextDir:
- description: can be useful to share info with other tasks
- type: string
- image:
- description: final image name
- type: string
- name:
- description: name of the task
- type: string
- registry:
- description: where to publish the final image
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate
- Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie,
- http only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- tag:
- description: used by the ImageStream
- type: string
- type: object
- spectrum:
- description: |-
- a SpectrumTask, for Spectrum strategy
- Deprecated: use jib, s2i or a custom publishing strategy instead
- properties:
- baseImage:
- description: base image layer
- type: string
- configuration:
- description: The configuration that should be used to perform
- the Build.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod.
- Only used for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only
- used for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required.
- Only used for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod.
- Only used for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder
- Pod (must be the same of the operator in charge of
- this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to
- build a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only
- used for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required.
- Only used for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the
- build.
- type: string
- type: object
- contextDir:
- description: can be useful to share info with other tasks
- type: string
- image:
- description: final image name
- type: string
- name:
- description: name of the task
- type: string
- registry:
- description: where to publish the final image
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate
- Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie,
- http only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- type: object
- type: object
- type: array
- timeout:
- description: |-
- Timeout defines the Build maximum execution duration.
- The Build deadline is set to the Build start time plus the Timeout duration.
- If the Build deadline is exceeded, the Build context is canceled,
- and its phase set to BuildPhaseFailed.
- format: duration
- type: string
- toolImage:
- description: |-
- The container image to be used to run the build.
- Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
- type: string
- type: object
- status:
- description: BuildStatus defines the observed state of Build.
- properties:
- artifacts:
- description: a list of artifacts contained in the build
- items:
- description: Artifact represents a materialized artifact (a jar
- dependency or in general a file used by the build).
- properties:
- checksum:
- description: a checksum (SHA1) of the content
- type: string
- id:
- description: the identification (GAV for maven dependencies
- or file name for other file types)
- type: string
- location:
- description: where it is located in the builder `Pod`
- type: string
- target:
- description: the expected location in the runtime
- type: string
- required:
- - id
- type: object
- type: array
- baseImage:
- description: the base image used for this build
- type: string
- conditions:
- description: a list of conditions occurred during the build
- items:
- description: BuildCondition describes the state of a resource at
- a certain point.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another.
- format: date-time
- type: string
- lastUpdateTime:
- description: The last time this condition was updated.
- format: date-time
- type: string
- message:
- description: A human-readable message indicating details about
- the transition.
- type: string
- reason:
- description: The reason for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of integration condition.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- digest:
- description: the digest from image
- type: string
- duration:
- description: |-
- how long it took for the build
- Change to Duration / ISO 8601 when CRD uses OpenAPI spec v3
- https://github.com/OAI/OpenAPI-Specification/issues/845
- type: string
- error:
- description: the error description (if any)
- type: string
- failure:
- description: the reason of the failure (if any)
- properties:
- reason:
- description: a short text specifying the reason
- type: string
- recovery:
- description: the recovery attempted for this failure
- properties:
- attempt:
- description: attempt number
- type: integer
- attemptMax:
- description: maximum number of attempts
- type: integer
- attemptTime:
- description: time of the attempt execution
- format: date-time
- type: string
- required:
- - attempt
- - attemptMax
- type: object
- time:
- description: the time when the failure has happened
- format: date-time
- type: string
- required:
- - reason
- - recovery
- - time
- type: object
- image:
- description: the image name built
- type: string
- observedGeneration:
- description: ObservedGeneration is the most recent generation observed
- for this Build.
- format: int64
- type: integer
- phase:
- description: describes the phase
- type: string
- rootImage:
- description: root image (the first image from which the incremental
- image has started)
- type: string
- startedAt:
- description: the time when it started
- format: date-time
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/helm/camel-k/crds/crd-camel-catalog.yaml b/helm/camel-k/crds/crd-camel-catalog.yaml
deleted file mode 100644
index 3ab9ef6fd7..0000000000
--- a/helm/camel-k/crds/crd-camel-catalog.yaml
+++ /dev/null
@@ -1,544 +0,0 @@
-# ---------------------------------------------------------------------------
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ---------------------------------------------------------------------------
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.15.0
- name: camelcatalogs.camel.apache.org
-spec:
- group: camel.apache.org
- names:
- categories:
- - kamel
- - camel
- kind: CamelCatalog
- listKind: CamelCatalogList
- plural: camelcatalogs
- shortNames:
- - cc
- singular: camelcatalog
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The Runtime provider
- jsonPath: .spec.runtime.provider
- name: Runtime Provider
- type: string
- - description: The Runtime version
- jsonPath: .spec.runtime.version
- name: Runtime Version
- type: string
- - description: The Camel version
- jsonPath: .spec.runtime.metadata.camel\.version
- name: Runtime Camel Version
- type: string
- - description: The catalog phase
- jsonPath: .status.phase
- name: Phase
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: CamelCatalog represents the languages, components, data formats
- and capabilities enabled on a given runtime provider. The catalog may be
- statically generated.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: the desired state of the catalog
- properties:
- artifacts:
- additionalProperties:
- description: CamelArtifact represent the configuration for a feature
- offered by Camel.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- dataformats:
- description: accepted data formats
- items:
- type: string
- type: array
- dependencies:
- description: required dependencies
- items:
- description: CamelArtifactDependency represent a maven's dependency.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- exclusions:
- description: provide a list of artifacts to exclude for
- this dependency
- items:
- description: CamelArtifactExclusion represents an exclusion
- clause.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- groupId:
- description: Maven Group
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- exclusions:
- description: provide a list of artifacts to exclude for this
- dependency
- items:
- description: CamelArtifactExclusion represents an exclusion
- clause.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- groupId:
- description: Maven Group
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- groupId:
- description: Maven Group
- type: string
- javaTypes:
- description: the Java types used by the artifact feature (ie,
- component, data format, ...)
- items:
- type: string
- type: array
- languages:
- description: accepted languages
- items:
- type: string
- type: array
- schemes:
- description: accepted URI schemes
- items:
- description: CamelScheme represents the scheme used to identify
- a component in a URI (ie, timer in a timer:xyz endpoint
- URI).
- properties:
- consumer:
- description: required scope for consumer
- properties:
- dependencies:
- description: list of dependencies needed for this
- scope
- items:
- description: CamelArtifactDependency represent a
- maven's dependency.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- exclusions:
- description: provide a list of artifacts to
- exclude for this dependency
- items:
- description: CamelArtifactExclusion represents
- an exclusion clause.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- groupId:
- description: Maven Group
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- type: object
- http:
- description: is a HTTP based scheme
- type: boolean
- id:
- description: the ID (ie, timer in a timer:xyz URI)
- type: string
- passive:
- description: is a passive scheme
- type: boolean
- producer:
- description: required scope for producers
- properties:
- dependencies:
- description: list of dependencies needed for this
- scope
- items:
- description: CamelArtifactDependency represent a
- maven's dependency.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- exclusions:
- description: provide a list of artifacts to
- exclude for this dependency
- items:
- description: CamelArtifactExclusion represents
- an exclusion clause.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- groupId:
- description: Maven Group
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- type: object
- required:
- - http
- - id
- - passive
- type: object
- type: array
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- description: artifacts required by this catalog
- type: object
- loaders:
- additionalProperties:
- description: CamelLoader represents the configuration required to
- load a DSL.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- dependencies:
- description: a list of additional dependencies required beside
- the base one
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- groupId:
- description: Maven Group
- type: string
- languages:
- description: a list of DSLs supported
- items:
- type: string
- type: array
- metadata:
- additionalProperties:
- type: string
- description: the metadata of the loader
- type: object
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- description: loaders required by this catalog
- type: object
- runtime:
- description: the runtime targeted for the catalog
- properties:
- applicationClass:
- description: application entry point (main) to be executed
- type: string
- capabilities:
- additionalProperties:
- description: |-
- Capability is a particular feature which requires a well known set of dependencies and other properties
- which are specified in the runtime catalog.
- properties:
- buildTimeProperties:
- description: Set of required Camel build time properties
- items:
- description: CamelProperty represents a Camel property
- that may end up in an application.properties file.
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- type: object
- type: array
- dependencies:
- description: List of required Maven dependencies
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- metadata:
- additionalProperties:
- type: string
- description: Set of generic metadata
- type: object
- runtimeProperties:
- description: Set of required Camel runtime properties
- items:
- description: CamelProperty represents a Camel property
- that may end up in an application.properties file.
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- type: object
- type: array
- type: object
- description: features offered by this runtime
- type: object
- dependencies:
- description: list of dependencies needed to run the application
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- metadata:
- additionalProperties:
- type: string
- description: set of metadata
- type: object
- provider:
- description: Camel main application provider, ie, Camel Quarkus
- type: string
- version:
- description: Camel K Runtime version
- type: string
- required:
- - applicationClass
- - dependencies
- - provider
- - version
- type: object
- required:
- - artifacts
- - loaders
- - runtime
- type: object
- status:
- description: the actual state of the catalog
- properties:
- conditions:
- description: a list of events happened for the CamelCatalog
- items:
- description: CamelCatalogCondition describes the state of a resource
- at a certain point.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another.
- format: date-time
- type: string
- lastUpdateTime:
- description: The last time this condition was updated.
- format: date-time
- type: string
- message:
- description: A human-readable message indicating details about
- the transition.
- type: string
- reason:
- description: The reason for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of CamelCatalog condition.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- image:
- description: the container image available for building an application
- with this catalog
- type: string
- observedGeneration:
- description: ObservedGeneration is the most recent generation observed
- for this Catalog.
- format: int64
- type: integer
- phase:
- description: the actual phase
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/helm/camel-k/crds/crd-integration-kit.yaml b/helm/camel-k/crds/crd-integration-kit.yaml
deleted file mode 100644
index 0c9c03bec8..0000000000
--- a/helm/camel-k/crds/crd-integration-kit.yaml
+++ /dev/null
@@ -1,572 +0,0 @@
-# ---------------------------------------------------------------------------
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ---------------------------------------------------------------------------
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.15.0
- name: integrationkits.camel.apache.org
-spec:
- group: camel.apache.org
- names:
- categories:
- - kamel
- - camel
- kind: IntegrationKit
- listKind: IntegrationKitList
- plural: integrationkits
- shortNames:
- - ik
- singular: integrationkit
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The integration kit alias
- jsonPath: .metadata.labels.camel\.apache\.org\/kit\.alias
- name: Alias
- type: string
- - description: The integration kit phase
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: The integration kit type
- jsonPath: .metadata.labels.camel\.apache\.org\/kit\.type
- name: Type
- type: string
- - description: The integration kit layout
- jsonPath: .metadata.labels.camel\.apache\.org\/kit\.layout
- name: Layout
- type: string
- - description: The integration kit image
- jsonPath: .status.image
- name: Image
- type: string
- - description: The integration kit root image
- jsonPath: .status.rootImage
- name: Root
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: |-
- IntegrationKit defines a container image and additional configuration needed to run an `Integration`.
- An `IntegrationKit` is a generic image generally built from the requirements of an `Integration`, but agnostic to it,
- in order to be reused by any other `Integration` which has the same required set of capabilities. An `IntegrationKit`
- may be used for other kits as a base container layer, when the `incremental` build option is enabled.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: the desired configuration
- properties:
- capabilities:
- description: features offered by the IntegrationKit
- items:
- type: string
- type: array
- configuration:
- description: |-
- Deprecated:
- Use camel trait (camel.properties) to manage properties
- Use mount trait (mount.configs) to manage configs
- Use mount trait (mount.resources) to manage resources
- Use mount trait (mount.volumes) to manage volumes
- configuration used by the kit
- items:
- description: ConfigurationSpec represents a generic configuration
- specification.
- properties:
- type:
- description: 'represents the type of configuration, ie: property,
- configmap, secret, ...'
- type: string
- value:
- description: the value to assign to the configuration (syntax
- may vary depending on the `Type`)
- type: string
- required:
- - type
- - value
- type: object
- type: array
- dependencies:
- description: a list of Camel dependecies used by this kit
- items:
- type: string
- type: array
- image:
- description: the container image as identified in the container registry
- type: string
- profile:
- description: the profile which is expected by this kit
- type: string
- repositories:
- description: Maven repositories that can be used by the kit
- items:
- type: string
- type: array
- sources:
- description: the sources to add at build time
- items:
- description: SourceSpec defines the configuration for one or more
- routes to be executed in a certain Camel DSL language.
- properties:
- compression:
- description: if the content is compressed (base64 encrypted)
- type: boolean
- content:
- description: the source code (plain text)
- type: string
- contentKey:
- description: the confimap key holding the source content
- type: string
- contentRef:
- description: the confimap reference holding the source content
- type: string
- contentType:
- description: the content type (tipically text or binary)
- type: string
- from-kamelet:
- description: True if the spec is generated from a Kamelet
- type: boolean
- interceptors:
- description: |-
- Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
- uses to pre/post process sources
- items:
- type: string
- type: array
- language:
- description: specify which is the language (Camel DSL) used
- to interpret this source code
- type: string
- loader:
- description: |-
- Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
- interpret this source at runtime
- type: string
- name:
- description: the name of the specification
- type: string
- path:
- description: the path where the file is stored
- type: string
- property-names:
- description: List of property names defined in the source (e.g.
- if type is "template")
- items:
- type: string
- type: array
- rawContent:
- description: the source code (binary)
- format: byte
- type: string
- type:
- description: Type defines the kind of source described by this
- object
- type: string
- type: object
- type: array
- traits:
- description: traits that the kit will execute
- properties:
- addons:
- additionalProperties:
- description: AddonTrait represents the configuration of an addon
- trait.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- description: The collection of addon trait configurations
- type: object
- builder:
- description: The builder trait is internally used to determine
- the best strategy to build and configure IntegrationKits.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: When using `pod` strategy, annotation to use
- for the builder pod.
- type: object
- baseImage:
- description: |-
- Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
- installed and ready to use on path (ie `/usr/bin/java`).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- incrementalImageBuild:
- description: Use the incremental image build option, to reuse
- existing containers (default `true`)
- type: boolean
- limitCPU:
- description: |-
- When using `pod` strategy, the maximum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- limitMemory:
- description: |-
- When using `pod` strategy, the maximum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- mavenProfiles:
- description: |-
- A list of references pointing to configmaps/secrets that contains a maven profile.
- This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
- The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
- items:
- type: string
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: Defines a set of nodes the builder pod is eligible
- to be scheduled on, based on labels on the node.
- type: object
- orderStrategy:
- description: The build order strategy to use, either `dependencies`,
- `fifo` or `sequential` (default is the platform default)
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of manifest platforms to use to build
- a container image (default `linux/amd64`).
- items:
- type: string
- type: array
- properties:
- description: A list of properties to be provided to the build
- task
- items:
- type: string
- type: array
- requestCPU:
- description: |-
- When using `pod` strategy, the minimum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- requestMemory:
- description: |-
- When using `pod` strategy, the minimum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- strategy:
- description: The strategy to use, either `pod` or `routine`
- (default `routine`)
- enum:
- - pod
- - routine
- type: string
- tasks:
- description: A list of tasks to be executed (available only
- when using `pod` strategy) with format `;;`.
- items:
- type: string
- type: array
- tasksFilter:
- description: |-
- A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
- Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
- if you need to execute them. Useful only with `pod` strategy.
- type: string
- tasksLimitCPU:
- description: A list of limit cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksLimitMemory:
- description: A list of limit memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- tasksRequestCPU:
- description: A list of request cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksRequestMemory:
- description: A list of request memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- verbose:
- description: |-
- Enable verbose logging on build components that support it (e.g. Kaniko build pod).
- Deprecated no longer in use
- type: boolean
- type: object
- camel:
- description: The Camel trait sets up Camel configuration.
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- properties:
- description: A list of properties to be provided to the Integration
- runtime
- items:
- type: string
- type: array
- runtimeVersion:
- description: |-
- The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
- You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
- to the best matching Catalog existing on the cluster.
- type: string
- type: object
- quarkus:
- description: |-
- The Quarkus trait configures the Quarkus runtime.
- It's enabled by default.
- NOTE: Compiling to a native executable, requires at least 4GiB of memory, so the Pod running the native build must have enough memory available.
- properties:
- buildMode:
- description: |-
- The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
- In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
- with the `native` kit having precedence over the `jvm` one once ready.
- items:
- description: QuarkusMode is the type of Quarkus build packaging.
- enum:
- - jvm
- - native
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- nativeBaseImage:
- description: The base image to use when running a native build
- (default `quay.io/quarkus/quarkus-micro-image:2.0`)
- type: string
- nativeBuilderImage:
- description: The image containing the tooling required for
- a native build (by default it will use the one provided
- in the runtime catalog)
- type: string
- packageTypes:
- description: |-
- The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
- In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
- with the native kit having precedence over the `fast-jar` one once ready.
- The order influences the resolution of the current kit for the integration.
- The kit corresponding to the first package type will be assigned to the
- integration in case no existing kit that matches the integration exists.
- Deprecated: use `build-mode` instead.
- items:
- description: |-
- QuarkusPackageType is the type of Quarkus build packaging.
- Deprecated: use `QuarkusMode` instead.
- enum:
- - fast-jar
- - native
- type: string
- type: array
- type: object
- registry:
- description: |-
- The Registry trait sets up Maven to use the Image registry as a Maven repository (support removed since version 2.5.0).
- Deprecated: use jvm trait or read documentation.
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- type: object
- type: object
- status:
- description: the actual status
- properties:
- artifacts:
- description: list of artifacts used by the kit
- items:
- description: Artifact represents a materialized artifact (a jar
- dependency or in general a file used by the build).
- properties:
- checksum:
- description: a checksum (SHA1) of the content
- type: string
- id:
- description: the identification (GAV for maven dependencies
- or file name for other file types)
- type: string
- location:
- description: where it is located in the builder `Pod`
- type: string
- target:
- description: the expected location in the runtime
- type: string
- required:
- - id
- type: object
- type: array
- baseImage:
- description: base image used by the kit (could be another IntegrationKit)
- type: string
- conditions:
- description: a list of conditions which happened for the events related
- the kit
- items:
- description: IntegrationKitCondition describes the state of a resource
- at a certain point.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another.
- format: date-time
- type: string
- lastUpdateTime:
- description: The last time this condition was updated.
- format: date-time
- type: string
- message:
- description: A human-readable message indicating details about
- the transition.
- type: string
- reason:
- description: The reason for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of integration condition.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- digest:
- description: actual image digest of the kit
- type: string
- failure:
- description: failure reason (if any)
- properties:
- reason:
- description: a short text specifying the reason
- type: string
- recovery:
- description: the recovery attempted for this failure
- properties:
- attempt:
- description: attempt number
- type: integer
- attemptMax:
- description: maximum number of attempts
- type: integer
- attemptTime:
- description: time of the attempt execution
- format: date-time
- type: string
- required:
- - attempt
- - attemptMax
- type: object
- time:
- description: the time when the failure has happened
- format: date-time
- type: string
- required:
- - reason
- - recovery
- - time
- type: object
- image:
- description: actual image name of the kit
- type: string
- observedGeneration:
- description: ObservedGeneration is the most recent generation observed
- for this IntegrationKit.
- format: int64
- type: integer
- phase:
- description: phase of the kit
- type: string
- platform:
- description: the platform for which this kit was configured
- type: string
- rootImage:
- description: root image used by the kit (the first image from which
- the incremental image has started, typically a JDK/JRE base image)
- type: string
- runtimeProvider:
- description: the runtime provider for which this kit was configured
- type: string
- runtimeVersion:
- description: the runtime version for which this kit was configured
- type: string
- version:
- description: the Camel K operator version for which this kit was configured
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/helm/camel-k/crds/crd-integration-platform.yaml b/helm/camel-k/crds/crd-integration-platform.yaml
deleted file mode 100644
index c21fdca750..0000000000
--- a/helm/camel-k/crds/crd-integration-platform.yaml
+++ /dev/null
@@ -1,4241 +0,0 @@
-# ---------------------------------------------------------------------------
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ---------------------------------------------------------------------------
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.15.0
- name: integrationplatforms.camel.apache.org
-spec:
- group: camel.apache.org
- names:
- categories:
- - kamel
- - camel
- kind: IntegrationPlatform
- listKind: IntegrationPlatformList
- plural: integrationplatforms
- shortNames:
- - itp
- singular: integrationplatform
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The integration platform phase
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: The default build strategy
- jsonPath: .status.build.buildConfiguration.strategy
- name: Build strategy
- type: string
- - description: The default publish strategy
- jsonPath: .status.build.publishStrategy
- name: Publish strategy
- type: string
- - description: The container registry address
- jsonPath: .status.build.registry.address
- name: Registry address
- type: string
- - description: The default runtime version
- jsonPath: .status.build.runtimeVersion
- name: Default runtime
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: |-
- IntegrationPlatform is the resource used to drive the Camel K operator behavior.
- It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace.
- When the Camel K operator is installed in `global` mode,
- you will need to specify an `IntegrationPlatform` in each namespace where you want the Camel K operator to be executed.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: IntegrationPlatformSpec defines the desired state of IntegrationPlatform.
- properties:
- build:
- description: specify how to build the Integration/IntegrationKits
- properties:
- PublishStrategyOptions:
- additionalProperties:
- type: string
- description: Generic options that can used by any publish strategy
- type: object
- baseImage:
- description: |-
- a base image that can be used as base layer for all images.
- It can be useful if you want to provide some custom base image with further utility software
- type: string
- buildCatalogToolTimeout:
- description: |-
- the timeout (in seconds) to use when creating the build tools container image
- Deprecated: no longer in use
- type: string
- buildConfiguration:
- description: the configuration required to build an Integration
- container image
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod. Only used
- for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only used
- for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required. Only used
- for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod. Only used
- for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder Pod (must
- be the same of the operator in charge of this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to build
- a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only used
- for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required. Only used
- for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the build.
- type: string
- type: object
- maven:
- description: Maven configuration used to build the Camel/Camel-Quarkus
- applications
- properties:
- caSecrets:
- description: |-
- The Secrets name and key, containing the CA certificate(s) used to connect
- to remote Maven repositories.
- It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
- A JKS formatted keystore is automatically created to store the CA certificate(s),
- and configured to be used as a trusted certificate(s) by the Maven commands.
- Note that the root CA certificates are also imported into the created keystore.
- items:
- description: SecretKeySelector selects a key of a Secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: array
- cliOptions:
- description: |-
- The CLI options that are appended to the list of arguments for Maven commands,
- e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
- See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
- items:
- type: string
- type: array
- extension:
- description: |-
- The Maven build extensions.
- See https://maven.apache.org/guides/mini/guide-using-extensions.html.
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- localRepository:
- description: The path of the local Maven repository.
- type: string
- profiles:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven profile.
- items:
- description: ValueSource --.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- properties:
- additionalProperties:
- type: string
- description: The Maven properties.
- type: object
- settings:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- settingsSecurity:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the security of the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: object
- maxRunningBuilds:
- description: the maximum amount of parallel running pipelines
- started by this operator instance
- format: int32
- type: integer
- publishStrategy:
- description: the strategy to adopt for publishing an Integration
- container image
- type: string
- registry:
- description: the image registry used to push/pull Integration
- images
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie, http
- only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- runtimeProvider:
- description: the runtime used. Likely Camel Quarkus (we used to
- have main runtime which has been discontinued since version
- 1.5)
- type: string
- runtimeVersion:
- description: the Camel K Runtime dependency version
- type: string
- timeout:
- description: how much time to wait before time out the pipeline
- process
- type: string
- type: object
- cluster:
- description: what kind of cluster you're running (ie, plain Kubernetes
- or OpenShift)
- type: string
- configuration:
- description: |-
- Deprecated:
- Use camel trait (camel.properties) to manage properties
- Use mount trait (mount.configs) to manage configs
- Use mount trait (mount.resources) to manage resources
- Use mount trait (mount.volumes) to manage volumes
- list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform
- items:
- description: ConfigurationSpec represents a generic configuration
- specification.
- properties:
- type:
- description: 'represents the type of configuration, ie: property,
- configmap, secret, ...'
- type: string
- value:
- description: the value to assign to the configuration (syntax
- may vary depending on the `Type`)
- type: string
- required:
- - type
- - value
- type: object
- type: array
- kamelet:
- description: configuration to be executed to all Kamelets controlled
- by this IntegrationPlatform
- properties:
- repositories:
- description: remote repository used to retrieve Kamelet catalog
- items:
- description: KameletRepositorySpec defines the location of the
- Kamelet catalog to use.
- properties:
- uri:
- description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
- type: string
- type: object
- type: array
- type: object
- profile:
- description: |-
- the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.
- It usually relates the Cluster with the optional definition of special profiles (ie, Knative)
- type: string
- traits:
- description: list of traits to be executed for all the Integration/IntegrationKits
- built from this IntegrationPlatform
- properties:
- 3scale:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- addons:
- additionalProperties:
- description: AddonTrait represents the configuration of an addon
- trait.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- description: The extension point with addon traits
- type: object
- affinity:
- description: The configuration of Affinity trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodeAffinityLabels:
- description: Defines a set of nodes the integration pod(s)
- are eligible to be scheduled on, based on labels on the
- node.
- items:
- type: string
- type: array
- podAffinity:
- description: Always co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should be co-located with.
- items:
- type: string
- type: array
- podAntiAffinity:
- description: Never co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAntiAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should not be co-located with.
- items:
- type: string
- type: array
- type: object
- builder:
- description: The configuration of Builder trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: When using `pod` strategy, annotation to use
- for the builder pod.
- type: object
- baseImage:
- description: |-
- Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
- installed and ready to use on path (ie `/usr/bin/java`).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- incrementalImageBuild:
- description: Use the incremental image build option, to reuse
- existing containers (default `true`)
- type: boolean
- limitCPU:
- description: |-
- When using `pod` strategy, the maximum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- limitMemory:
- description: |-
- When using `pod` strategy, the maximum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- mavenProfiles:
- description: |-
- A list of references pointing to configmaps/secrets that contains a maven profile.
- This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
- The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
- items:
- type: string
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: Defines a set of nodes the builder pod is eligible
- to be scheduled on, based on labels on the node.
- type: object
- orderStrategy:
- description: The build order strategy to use, either `dependencies`,
- `fifo` or `sequential` (default is the platform default)
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of manifest platforms to use to build
- a container image (default `linux/amd64`).
- items:
- type: string
- type: array
- properties:
- description: A list of properties to be provided to the build
- task
- items:
- type: string
- type: array
- requestCPU:
- description: |-
- When using `pod` strategy, the minimum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- requestMemory:
- description: |-
- When using `pod` strategy, the minimum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- strategy:
- description: The strategy to use, either `pod` or `routine`
- (default `routine`)
- enum:
- - pod
- - routine
- type: string
- tasks:
- description: A list of tasks to be executed (available only
- when using `pod` strategy) with format `;;`.
- items:
- type: string
- type: array
- tasksFilter:
- description: |-
- A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
- Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
- if you need to execute them. Useful only with `pod` strategy.
- type: string
- tasksLimitCPU:
- description: A list of limit cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksLimitMemory:
- description: A list of limit memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- tasksRequestCPU:
- description: A list of request cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksRequestMemory:
- description: A list of request memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- verbose:
- description: |-
- Enable verbose logging on build components that support it (e.g. Kaniko build pod).
- Deprecated no longer in use
- type: boolean
- type: object
- camel:
- description: The configuration of Camel trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- properties:
- description: A list of properties to be provided to the Integration
- runtime
- items:
- type: string
- type: array
- runtimeVersion:
- description: |-
- The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
- You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
- to the best matching Catalog existing on the cluster.
- type: string
- type: object
- container:
- description: The configuration of Container trait
- properties:
- allowPrivilegeEscalation:
- description: Security Context AllowPrivilegeEscalation configuration
- (default false).
- type: boolean
- auto:
- description: To automatically enable the trait
- type: boolean
- capabilitiesAdd:
- description: Security Context Capabilities Add configuration
- (default none).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- capabilitiesDrop:
- description: Security Context Capabilities Drop configuration
- (default ALL).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- expose:
- description: Can be used to enable/disable exposure via kubernetes
- Service.
- type: boolean
- image:
- description: |-
- The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
- won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
- Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
- type: string
- imagePullPolicy:
- description: 'The pull policy: Always|Never|IfNotPresent'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- limitCPU:
- description: The maximum amount of CPU to be provided (default
- 500 millicores).
- type: string
- limitMemory:
- description: The maximum amount of memory to be provided (default
- 512 Mi).
- type: string
- name:
- description: The main container name. It's named `integration`
- by default.
- type: string
- port:
- description: To configure a different port exposed by the
- container (default `8080`).
- type: integer
- portName:
- description: To configure a different port name for the port
- exposed by the container. It defaults to `http` only when
- the `expose` parameter is true.
- type: string
- requestCPU:
- description: The minimum amount of CPU required (default 125
- millicores).
- type: string
- requestMemory:
- description: The minimum amount of memory required (default
- 128 Mi).
- type: string
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- servicePort:
- description: To configure under which service port the container
- port is to be exposed (default `80`).
- type: integer
- servicePortName:
- description: To configure under which service port name the
- container port is to be exposed (default `http`).
- type: string
- type: object
- cron:
- description: The configuration of Cron trait
- properties:
- activeDeadlineSeconds:
- description: |-
- Specifies the duration in seconds, relative to the start time, that the job
- may be continuously active before it is considered to be failed.
- It defaults to 60s.
- format: int64
- type: integer
- auto:
- description: |-
- Automatically deploy the integration as CronJob when all routes are
- either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
-
-
- It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
- while `35m` or `50s` cannot).
- type: boolean
- backoffLimit:
- description: |-
- Specifies the number of retries before marking the job failed.
- It defaults to 2.
- format: int32
- type: integer
- components:
- description: |-
- A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
- A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
- activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
-
-
- Supported components are currently: `cron`, `timer` and `quartz`.
- type: string
- concurrencyPolicy:
- description: |-
- Specifies how to treat concurrent executions of a Job.
- Valid values are:
- - "Allow": allows CronJobs to run concurrently;
- - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- - "Replace": cancels currently running job and replaces it with a new one
- enum:
- - Allow
- - Forbid
- - Replace
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- fallback:
- description: |-
- Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
- as Kubernetes CronJob.
- type: boolean
- schedule:
- description: |-
- The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
- mechanism to work correctly.
- type: string
- startingDeadlineSeconds:
- description: |-
- Optional deadline in seconds for starting the job if it misses scheduled
- time for any reason. Missed jobs executions will be counted as failed ones.
- format: int64
- type: integer
- timeZone:
- description: The timezone that the CronJob will run on
- type: string
- type: object
- dependencies:
- description: The configuration of Dependencies trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- deployer:
- description: The configuration of Deployer trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- kind:
- description: Allows to explicitly select the desired deployment
- kind between `deployment`, `cron-job` or `knative-service`
- when creating the resources for running the integration.
- enum:
- - deployment
- - cron-job
- - knative-service
- type: string
- useSSA:
- description: |-
- Use server-side apply to update the owned resources (default `true`).
- Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
- type: boolean
- type: object
- deployment:
- description: The configuration of Deployment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- progressDeadlineSeconds:
- description: |-
- The maximum time in seconds for the deployment to make progress before it
- is considered to be failed. It defaults to `60s`.
- format: int32
- type: integer
- rollingUpdateMaxSurge:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be scheduled above the desired number of
- pods.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- This can not be 0 if MaxUnavailable is 0.
- Absolute number is calculated from percentage by rounding up.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- rollingUpdateMaxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be unavailable during the update.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- Absolute number is calculated from percentage by rounding down.
- This can not be 0 if MaxSurge is 0.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- strategy:
- description: The deployment strategy to use to replace existing
- pods with new ones.
- enum:
- - Recreate
- - RollingUpdate
- type: string
- type: object
- environment:
- description: The configuration of Environment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- containerMeta:
- description: Enables injection of `NAMESPACE` and `POD_NAME`
- environment variables (default `true`)
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- httpProxy:
- description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
- `NO_PROXY` environment variables (default `true`)
- type: boolean
- vars:
- description: |-
- A list of environment variables to be added to the integration container.
- The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
- These take precedence over the previously defined environment variables.
- items:
- type: string
- type: array
- type: object
- error-handler:
- description: The configuration of Error Handler trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- ref:
- description: The error handler ref name provided or found
- in application properties
- type: string
- type: object
- gc:
- description: The configuration of GC trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryCache:
- description: |-
- Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
- Deprecated: to be removed from trait configuration.
- enum:
- - disabled
- - disk
- - memory
- type: string
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- health:
- description: The configuration of Health trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- livenessFailureThreshold:
- description: Minimum consecutive failures for the liveness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- livenessInitialDelay:
- description: Number of seconds after the container has started
- before the liveness probe is initiated.
- format: int32
- type: integer
- livenessPeriod:
- description: How often to perform the liveness probe.
- format: int32
- type: integer
- livenessProbe:
- description: The liveness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- livenessProbeEnabled:
- description: Configures the liveness probe for the integration
- container (default `false`).
- type: boolean
- livenessScheme:
- description: Scheme to use when connecting to the liveness
- probe (default `HTTP`).
- type: string
- livenessSuccessThreshold:
- description: Minimum consecutive successes for the liveness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- livenessTimeout:
- description: Number of seconds after which the liveness probe
- times out.
- format: int32
- type: integer
- readinessFailureThreshold:
- description: Minimum consecutive failures for the readiness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- readinessInitialDelay:
- description: Number of seconds after the container has started
- before the readiness probe is initiated.
- format: int32
- type: integer
- readinessPeriod:
- description: How often to perform the readiness probe.
- format: int32
- type: integer
- readinessProbe:
- description: The readiness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- readinessProbeEnabled:
- description: Configures the readiness probe for the integration
- container (default `true`).
- type: boolean
- readinessScheme:
- description: Scheme to use when connecting to the readiness
- probe (default `HTTP`).
- type: string
- readinessSuccessThreshold:
- description: Minimum consecutive successes for the readiness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- readinessTimeout:
- description: Number of seconds after which the readiness probe
- times out.
- format: int32
- type: integer
- startupFailureThreshold:
- description: Minimum consecutive failures for the startup
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- startupInitialDelay:
- description: Number of seconds after the container has started
- before the startup probe is initiated.
- format: int32
- type: integer
- startupPeriod:
- description: How often to perform the startup probe.
- format: int32
- type: integer
- startupProbe:
- description: The startup probe path to use (default provided
- by the Catalog runtime used).
- type: string
- startupProbeEnabled:
- description: Configures the startup probe for the integration
- container (default `false`).
- type: boolean
- startupScheme:
- description: Scheme to use when connecting to the startup
- probe (default `HTTP`).
- type: string
- startupSuccessThreshold:
- description: Minimum consecutive successes for the startup
- probe to be considered successful after having failed.
- format: int32
- type: integer
- startupTimeout:
- description: Number of seconds after which the startup probe
- times out.
- format: int32
- type: integer
- type: object
- ingress:
- description: The configuration of Ingress trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to the ingress.
- This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
- See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
- type: object
- auto:
- description: To automatically add an ingress whenever the
- integration uses an HTTP endpoint consumer.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the ingress.
- type: string
- path:
- description: To configure the path exposed by the ingress
- (default `/`).
- type: string
- pathType:
- description: |-
- To configure the path type exposed by the ingress.
- One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
- enum:
- - Exact
- - Prefix
- - ImplementationSpecific
- type: string
- tlsHosts:
- description: To configure tls hosts
- items:
- type: string
- type: array
- tlsSecretName:
- description: To configure tls secret name
- type: string
- type: object
- istio:
- description: The configuration of Istio trait
- properties:
- allow:
- description: Configures a (comma-separated) list of CIDR subnets
- that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
- by default).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- inject:
- description: Forces the value for labels `sidecar.istio.io/inject`.
- By default the label is set to `true` on deployment and
- not set on Knative Service.
- type: boolean
- type: object
- jolokia:
- description: The configuration of Jolokia trait
- properties:
- CACert:
- description: |-
- The PEM encoded CA certification file path, used to verify client certificates,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
- type: string
- clientPrincipal:
- description: |-
- The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryEnabled:
- description: Listen for multicast requests (default `false`)
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- extendedClientCheck:
- description: |-
- Mandate the client certificate contains a client flag in the extended key usage section,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `true` for OpenShift).
- type: boolean
- host:
- description: |-
- The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
- the servers binds to every network interface (default `"*"`).
- type: string
- options:
- description: |-
- A list of additional Jolokia options as defined
- in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
- items:
- type: string
- type: array
- password:
- description: The password used for authentication, applicable
- when the `user` option is set.
- type: string
- port:
- description: The Jolokia endpoint port (default `8778`).
- type: integer
- protocol:
- description: The protocol to use, either `http` or `https`
- (default `https` for OpenShift)
- type: string
- useSSLClientAuthentication:
- description: Whether client certificates should be used for
- authentication (default `true` for OpenShift).
- type: boolean
- user:
- description: The user to be used for authentication
- type: string
- type: object
- jvm:
- description: The configuration of JVM trait
- properties:
- classpath:
- description: Additional JVM classpath (use `Linux` classpath
- separator)
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- debug:
- description: Activates remote debugging, so that a debugger
- can be attached to the JVM, e.g., using port-forwarding
- type: boolean
- debugAddress:
- description: Transport address at which to listen for the
- newly launched JVM (default `*:5005`)
- type: string
- debugSuspend:
- description: Suspends the target JVM immediately before the
- main class is loaded
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- jar:
- description: The Jar dependency which will run the application.
- Leave it empty for managed Integrations.
- type: string
- options:
- description: A list of JVM options
- items:
- type: string
- type: array
- printCommand:
- description: |-
- Prints the command used the start the JVM in the container logs (default `true`)
- Deprecated: no longer in use.
- type: boolean
- type: object
- kamelets:
- description: The configuration of Kamelets trait
- properties:
- auto:
- description: Automatically inject all referenced Kamelets
- and their default configuration (enabled by default)
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- list:
- description: Comma separated list of Kamelet names to load
- into the current integration
- type: string
- mountPoint:
- description: The directory where the application mounts and
- reads Kamelet spec (default `/etc/camel/kamelets`)
- type: string
- type: object
- keda:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- knative:
- description: The configuration of Knative trait
- properties:
- auto:
- description: Enable automatic discovery of all trait properties.
- type: boolean
- channelSinks:
- description: |-
- List of channels used as destination of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- channelSources:
- description: |-
- List of channels used as source of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- config:
- description: Can be used to inject a Knative complete configuration
- in JSON format.
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- endpointSinks:
- description: |-
- List of endpoints used as destination of integration routes.
- Can contain simple endpoint names or full Camel URIs.
- items:
- type: string
- type: array
- endpointSources:
- description: List of channels used as source of integration
- routes.
- items:
- type: string
- type: array
- eventSinks:
- description: |-
- List of event types that the integration will produce.
- Can contain simple event types or full Camel URIs (to use a specific broker).
- items:
- type: string
- type: array
- eventSources:
- description: |-
- List of event types that the integration will be subscribed to.
- Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
- items:
- type: string
- type: array
- filterEventType:
- description: |-
- Enables the default filtering for the Knative trigger using the event type
- If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
- type: boolean
- filterSourceChannels:
- description: |-
- Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
- Knative, filtering is disabled by default.
- type: boolean
- filters:
- description: |-
- Sets filter attributes on the event stream (such as event type, source, subject and so on).
- A list of key-value pairs that represent filter attributes and its values.
- The syntax is KEY=VALUE, e.g., `source="my.source"`.
- Filter attributes get set on the Knative trigger that is being created as part of this integration.
- items:
- type: string
- type: array
- namespaceLabel:
- description: |-
- Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
- As Knative requires this label to perform injection of K_SINK URL into the service.
- If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
- type: boolean
- sinkBinding:
- description: |-
- Allows binding the integration to a sink via a Knative SinkBinding resource.
- This can be used when the integration targets a single sink.
- It's enabled by default when the integration targets a single sink
- (except when the integration is owned by a Knative source).
- type: boolean
- type: object
- knative-service:
- description: The configuration of Knative Service trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set knative service specific annotations
- CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- auto:
- description: |-
- Automatically deploy the integration as Knative service when all conditions hold:
-
-
- * Integration is using the Knative profile
- * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
- type: boolean
- autoscalingMetric:
- description: |-
- Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
-
-
- Refer to the Knative documentation for more information.
- type: string
- autoscalingTarget:
- description: |-
- Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- class:
- description: |-
- Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
-
-
- Refer to the Knative documentation for more information.
- enum:
- - kpa.autoscaling.knative.dev
- - hpa.autoscaling.knative.dev
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxScale:
- description: |-
- An upper bound for the number of Pods that can be running in parallel for the integration.
- Knative has its own cap value that depends on the installation.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- minScale:
- description: |-
- The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
- the integration is scaled down to zero when not used for a configured amount of time.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- rolloutDuration:
- description: |-
- Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
- It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
- rounded to a second precision.
- type: string
- timeoutSeconds:
- description: |-
- The maximum duration in seconds that the request instance is allowed to respond to a request.
- This field propagates to the integration pod's terminationGracePeriodSeconds
-
-
- Refer to the Knative documentation for more information.
- format: int64
- type: integer
- visibility:
- description: |-
- Setting `cluster-local`, Knative service becomes a private service.
- Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
-
-
- Refer to the Knative documentation for more information.
- enum:
- - cluster-local
- type: string
- type: object
- logging:
- description: The configuration of Logging trait
- properties:
- color:
- description: Colorize the log output
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- format:
- description: Logs message format
- type: string
- json:
- description: Output the logs in JSON
- type: boolean
- jsonPrettyPrint:
- description: Enable "pretty printing" of the JSON logs
- type: boolean
- level:
- description: Adjust the logging level (defaults to `INFO`)
- enum:
- - FATAL
- - WARN
- - INFO
- - DEBUG
- - TRACE
- type: string
- type: object
- master:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- mount:
- description: The configuration of Mount trait
- properties:
- configs:
- description: |-
- A list of configuration pointing to configmap/secret.
- The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
- They are also made available on the classpath in order to ease their usage directly from the Route.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- emptyDirs:
- description: 'A list of EmptyDir volumes to be mounted. Syntax:
- [name:/container/path]'
- items:
- type: string
- type: array
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- hotReload:
- description: |-
- Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
- marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
- changes in metadata.
- type: boolean
- resources:
- description: |-
- A list of resources (text or binary content) pointing to configmap/secret.
- The resources are expected to be any resource type (text or binary content).
- The destination path can be either a default location or any path specified by the user.
- Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
- items:
- type: string
- type: array
- scanKameletsImplicitLabelSecrets:
- description: |-
- Deprecated: include your properties in an explicit property file backed by a secret.
- Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
- These secrets are mounted to the application and treated as plain properties file with their key/value list
- (ie .spec.data["camel.my-property"] = my-value) (default `true`).
- type: boolean
- volumes:
- description: 'A list of Persistent Volume Claims to be mounted.
- Syntax: [pvcname:/container/path]'
- items:
- type: string
- type: array
- type: object
- openapi:
- description: The configuration of OpenAPI trait
- properties:
- configmaps:
- description: The configmaps holding the spec of the OpenAPI
- (compatible with > 3.0 spec only).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- owner:
- description: The configuration of Owner trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- targetAnnotations:
- description: The set of annotations to be transferred
- items:
- type: string
- type: array
- targetLabels:
- description: The set of labels to be transferred
- items:
- type: string
- type: array
- type: object
- pdb:
- description: The configuration of PDB trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxUnavailable:
- description: |-
- The number of pods for the Integration that can be unavailable after an eviction.
- It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
- Only one of `max-unavailable` and `min-available` can be specified.
- type: string
- minAvailable:
- description: |-
- The number of pods for the Integration that must still be available after an eviction.
- It can be either an absolute number or a percentage.
- Only one of `min-available` and `max-unavailable` can be specified.
- type: string
- type: object
- platform:
- description: The configuration of Platform trait
- properties:
- auto:
- description: |-
- To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- createDefault:
- description: |-
- To create a default (empty) platform when the platform is missing.
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- global:
- description: |-
- Indicates if the platform should be created globally in the case of global operator (default true).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- type: object
- pod:
- description: The configuration of Pod trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- prometheus:
- description: The configuration of Prometheus trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- podMonitor:
- description: Whether a `PodMonitor` resource is created (default
- `true`).
- type: boolean
- podMonitorLabels:
- description: The `PodMonitor` resource labels, applicable
- when `pod-monitor` is `true`.
- items:
- type: string
- type: array
- type: object
- pull-secret:
- description: The configuration of Pull Secret trait
- properties:
- auto:
- description: Automatically configures the platform registry
- secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- imagePullerDelegation:
- description: When using a global operator with a shared platform,
- this enables delegation of the `system:image-puller` cluster
- role on the operator namespace to the integration service
- account.
- type: boolean
- secretName:
- description: The pull secret name to set on the Pod. If left
- empty this is automatically taken from the `IntegrationPlatform`
- registry configuration.
- type: string
- type: object
- quarkus:
- description: The configuration of Quarkus trait
- properties:
- buildMode:
- description: |-
- The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
- In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
- with the `native` kit having precedence over the `jvm` one once ready.
- items:
- description: QuarkusMode is the type of Quarkus build packaging.
- enum:
- - jvm
- - native
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- nativeBaseImage:
- description: The base image to use when running a native build
- (default `quay.io/quarkus/quarkus-micro-image:2.0`)
- type: string
- nativeBuilderImage:
- description: The image containing the tooling required for
- a native build (by default it will use the one provided
- in the runtime catalog)
- type: string
- packageTypes:
- description: |-
- The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
- In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
- with the native kit having precedence over the `fast-jar` one once ready.
- The order influences the resolution of the current kit for the integration.
- The kit corresponding to the first package type will be assigned to the
- integration in case no existing kit that matches the integration exists.
- Deprecated: use `build-mode` instead.
- items:
- description: |-
- QuarkusPackageType is the type of Quarkus build packaging.
- Deprecated: use `QuarkusMode` instead.
- enum:
- - fast-jar
- - native
- type: string
- type: array
- type: object
- registry:
- description: |-
- The configuration of Registry trait (support removed since version 2.5.0).
- Deprecated: use jvm trait or read documentation.
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- route:
- description: The configuration of Route trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set route specific annotations
- For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
- CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the route.
- type: string
- tlsCACertificate:
- description: |-
- The TLS CA certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCACertificateSecret:
- description: |-
- The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificate:
- description: |-
- The TLS certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificateSecret:
- description: |-
- The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificate:
- description: |-
- The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
- termination this file should be provided in order to have routers use it for health checks on the secure connection.
- If this field is not specified, the router may provide its own destination CA and perform hostname validation using
- the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
- verify.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificateSecret:
- description: |-
- The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsInsecureEdgeTerminationPolicy:
- description: |-
- To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - None
- - Allow
- - Redirect
- type: string
- tlsKey:
- description: |-
- The TLS certificate key contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsKeySecret:
- description: |-
- The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsTermination:
- description: |-
- The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - edge
- - reencrypt
- - passthrough
- type: string
- type: object
- security-context:
- description: The configuration of Security Context trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- type: object
- service:
- description: The configuration of Service trait
- properties:
- auto:
- description: To automatically detect from the code if a Service
- needs to be created.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodePort:
- description: |-
- Enable Service to be exposed as NodePort (default `false`).
- Deprecated: Use service type instead.
- type: boolean
- type:
- description: The type of service to be used, either 'ClusterIP',
- 'NodePort' or 'LoadBalancer'.
- enum:
- - ClusterIP
- - NodePort
- - LoadBalancer
- type: string
- type: object
- service-binding:
- description: The configuration of Service Binding trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- services:
- description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
- items:
- type: string
- type: array
- type: object
- strimzi:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- toleration:
- description: The configuration of Toleration trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- taints:
- description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
- items:
- type: string
- type: array
- type: object
- tracing:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- type: object
- type: object
- status:
- description: IntegrationPlatformStatus defines the observed state of IntegrationPlatform.
- properties:
- build:
- description: specify how to build the Integration/IntegrationKits
- properties:
- PublishStrategyOptions:
- additionalProperties:
- type: string
- description: Generic options that can used by any publish strategy
- type: object
- baseImage:
- description: |-
- a base image that can be used as base layer for all images.
- It can be useful if you want to provide some custom base image with further utility software
- type: string
- buildCatalogToolTimeout:
- description: |-
- the timeout (in seconds) to use when creating the build tools container image
- Deprecated: no longer in use
- type: string
- buildConfiguration:
- description: the configuration required to build an Integration
- container image
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotation to use for the builder pod. Only used
- for `pod` strategy
- type: object
- limitCPU:
- description: The maximum amount of CPU required. Only used
- for `pod` strategy
- type: string
- limitMemory:
- description: The maximum amount of memory required. Only used
- for `pod` strategy
- type: string
- nodeSelector:
- additionalProperties:
- type: string
- description: The node selector for the builder pod. Only used
- for `pod` strategy
- type: object
- operatorNamespace:
- description: The namespace where to run the builder Pod (must
- be the same of the operator in charge of this Build reconciliation).
- type: string
- orderStrategy:
- description: the build order strategy to adopt
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of platforms used in order to build
- a container image.
- items:
- type: string
- type: array
- requestCPU:
- description: The minimum amount of CPU required. Only used
- for `pod` strategy
- type: string
- requestMemory:
- description: The minimum amount of memory required. Only used
- for `pod` strategy
- type: string
- strategy:
- description: the strategy to adopt
- enum:
- - routine
- - pod
- type: string
- toolImage:
- description: The container image to be used to run the build.
- type: string
- type: object
- maven:
- description: Maven configuration used to build the Camel/Camel-Quarkus
- applications
- properties:
- caSecrets:
- description: |-
- The Secrets name and key, containing the CA certificate(s) used to connect
- to remote Maven repositories.
- It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
- A JKS formatted keystore is automatically created to store the CA certificate(s),
- and configured to be used as a trusted certificate(s) by the Maven commands.
- Note that the root CA certificates are also imported into the created keystore.
- items:
- description: SecretKeySelector selects a key of a Secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: array
- cliOptions:
- description: |-
- The CLI options that are appended to the list of arguments for Maven commands,
- e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
- See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
- items:
- type: string
- type: array
- extension:
- description: |-
- The Maven build extensions.
- See https://maven.apache.org/guides/mini/guide-using-extensions.html.
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- localRepository:
- description: The path of the local Maven repository.
- type: string
- profiles:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven profile.
- items:
- description: ValueSource --.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- properties:
- additionalProperties:
- type: string
- description: The Maven properties.
- type: object
- settings:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- settingsSecurity:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the security of the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: object
- maxRunningBuilds:
- description: the maximum amount of parallel running pipelines
- started by this operator instance
- format: int32
- type: integer
- publishStrategy:
- description: the strategy to adopt for publishing an Integration
- container image
- type: string
- registry:
- description: the image registry used to push/pull Integration
- images
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie, http
- only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- runtimeProvider:
- description: the runtime used. Likely Camel Quarkus (we used to
- have main runtime which has been discontinued since version
- 1.5)
- type: string
- runtimeVersion:
- description: the Camel K Runtime dependency version
- type: string
- timeout:
- description: how much time to wait before time out the pipeline
- process
- type: string
- type: object
- cluster:
- description: what kind of cluster you're running (ie, plain Kubernetes
- or OpenShift)
- type: string
- conditions:
- description: which are the conditions met (particularly useful when
- in ERROR phase)
- items:
- description: IntegrationPlatformCondition describes the state of
- a resource at a certain point.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another.
- format: date-time
- type: string
- lastUpdateTime:
- description: The last time this condition was updated.
- format: date-time
- type: string
- message:
- description: A human-readable message indicating details about
- the transition.
- type: string
- reason:
- description: The reason for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of integration condition.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- configuration:
- description: |-
- Deprecated:
- Use camel trait (camel.properties) to manage properties
- Use mount trait (mount.configs) to manage configs
- Use mount trait (mount.resources) to manage resources
- Use mount trait (mount.volumes) to manage volumes
- list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform
- items:
- description: ConfigurationSpec represents a generic configuration
- specification.
- properties:
- type:
- description: 'represents the type of configuration, ie: property,
- configmap, secret, ...'
- type: string
- value:
- description: the value to assign to the configuration (syntax
- may vary depending on the `Type`)
- type: string
- required:
- - type
- - value
- type: object
- type: array
- info:
- additionalProperties:
- type: string
- description: generic information related to the build of Camel K operator
- software
- type: object
- kamelet:
- description: configuration to be executed to all Kamelets controlled
- by this IntegrationPlatform
- properties:
- repositories:
- description: remote repository used to retrieve Kamelet catalog
- items:
- description: KameletRepositorySpec defines the location of the
- Kamelet catalog to use.
- properties:
- uri:
- description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
- type: string
- type: object
- type: array
- type: object
- observedGeneration:
- description: ObservedGeneration is the most recent generation observed
- for this IntegrationPlatform.
- format: int64
- type: integer
- phase:
- description: defines in what phase the IntegrationPlatform is found
- type: string
- profile:
- description: |-
- the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.
- It usually relates the Cluster with the optional definition of special profiles (ie, Knative)
- type: string
- traits:
- description: list of traits to be executed for all the Integration/IntegrationKits
- built from this IntegrationPlatform
- properties:
- 3scale:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- addons:
- additionalProperties:
- description: AddonTrait represents the configuration of an addon
- trait.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- description: The extension point with addon traits
- type: object
- affinity:
- description: The configuration of Affinity trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodeAffinityLabels:
- description: Defines a set of nodes the integration pod(s)
- are eligible to be scheduled on, based on labels on the
- node.
- items:
- type: string
- type: array
- podAffinity:
- description: Always co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should be co-located with.
- items:
- type: string
- type: array
- podAntiAffinity:
- description: Never co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAntiAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should not be co-located with.
- items:
- type: string
- type: array
- type: object
- builder:
- description: The configuration of Builder trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: When using `pod` strategy, annotation to use
- for the builder pod.
- type: object
- baseImage:
- description: |-
- Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
- installed and ready to use on path (ie `/usr/bin/java`).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- incrementalImageBuild:
- description: Use the incremental image build option, to reuse
- existing containers (default `true`)
- type: boolean
- limitCPU:
- description: |-
- When using `pod` strategy, the maximum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- limitMemory:
- description: |-
- When using `pod` strategy, the maximum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- mavenProfiles:
- description: |-
- A list of references pointing to configmaps/secrets that contains a maven profile.
- This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
- The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
- items:
- type: string
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: Defines a set of nodes the builder pod is eligible
- to be scheduled on, based on labels on the node.
- type: object
- orderStrategy:
- description: The build order strategy to use, either `dependencies`,
- `fifo` or `sequential` (default is the platform default)
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of manifest platforms to use to build
- a container image (default `linux/amd64`).
- items:
- type: string
- type: array
- properties:
- description: A list of properties to be provided to the build
- task
- items:
- type: string
- type: array
- requestCPU:
- description: |-
- When using `pod` strategy, the minimum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- requestMemory:
- description: |-
- When using `pod` strategy, the minimum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- strategy:
- description: The strategy to use, either `pod` or `routine`
- (default `routine`)
- enum:
- - pod
- - routine
- type: string
- tasks:
- description: A list of tasks to be executed (available only
- when using `pod` strategy) with format `;;`.
- items:
- type: string
- type: array
- tasksFilter:
- description: |-
- A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
- Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
- if you need to execute them. Useful only with `pod` strategy.
- type: string
- tasksLimitCPU:
- description: A list of limit cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksLimitMemory:
- description: A list of limit memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- tasksRequestCPU:
- description: A list of request cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksRequestMemory:
- description: A list of request memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- verbose:
- description: |-
- Enable verbose logging on build components that support it (e.g. Kaniko build pod).
- Deprecated no longer in use
- type: boolean
- type: object
- camel:
- description: The configuration of Camel trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- properties:
- description: A list of properties to be provided to the Integration
- runtime
- items:
- type: string
- type: array
- runtimeVersion:
- description: |-
- The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
- You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
- to the best matching Catalog existing on the cluster.
- type: string
- type: object
- container:
- description: The configuration of Container trait
- properties:
- allowPrivilegeEscalation:
- description: Security Context AllowPrivilegeEscalation configuration
- (default false).
- type: boolean
- auto:
- description: To automatically enable the trait
- type: boolean
- capabilitiesAdd:
- description: Security Context Capabilities Add configuration
- (default none).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- capabilitiesDrop:
- description: Security Context Capabilities Drop configuration
- (default ALL).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- expose:
- description: Can be used to enable/disable exposure via kubernetes
- Service.
- type: boolean
- image:
- description: |-
- The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
- won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
- Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
- type: string
- imagePullPolicy:
- description: 'The pull policy: Always|Never|IfNotPresent'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- limitCPU:
- description: The maximum amount of CPU to be provided (default
- 500 millicores).
- type: string
- limitMemory:
- description: The maximum amount of memory to be provided (default
- 512 Mi).
- type: string
- name:
- description: The main container name. It's named `integration`
- by default.
- type: string
- port:
- description: To configure a different port exposed by the
- container (default `8080`).
- type: integer
- portName:
- description: To configure a different port name for the port
- exposed by the container. It defaults to `http` only when
- the `expose` parameter is true.
- type: string
- requestCPU:
- description: The minimum amount of CPU required (default 125
- millicores).
- type: string
- requestMemory:
- description: The minimum amount of memory required (default
- 128 Mi).
- type: string
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- servicePort:
- description: To configure under which service port the container
- port is to be exposed (default `80`).
- type: integer
- servicePortName:
- description: To configure under which service port name the
- container port is to be exposed (default `http`).
- type: string
- type: object
- cron:
- description: The configuration of Cron trait
- properties:
- activeDeadlineSeconds:
- description: |-
- Specifies the duration in seconds, relative to the start time, that the job
- may be continuously active before it is considered to be failed.
- It defaults to 60s.
- format: int64
- type: integer
- auto:
- description: |-
- Automatically deploy the integration as CronJob when all routes are
- either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
-
-
- It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
- while `35m` or `50s` cannot).
- type: boolean
- backoffLimit:
- description: |-
- Specifies the number of retries before marking the job failed.
- It defaults to 2.
- format: int32
- type: integer
- components:
- description: |-
- A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
- A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
- activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
-
-
- Supported components are currently: `cron`, `timer` and `quartz`.
- type: string
- concurrencyPolicy:
- description: |-
- Specifies how to treat concurrent executions of a Job.
- Valid values are:
- - "Allow": allows CronJobs to run concurrently;
- - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- - "Replace": cancels currently running job and replaces it with a new one
- enum:
- - Allow
- - Forbid
- - Replace
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- fallback:
- description: |-
- Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
- as Kubernetes CronJob.
- type: boolean
- schedule:
- description: |-
- The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
- mechanism to work correctly.
- type: string
- startingDeadlineSeconds:
- description: |-
- Optional deadline in seconds for starting the job if it misses scheduled
- time for any reason. Missed jobs executions will be counted as failed ones.
- format: int64
- type: integer
- timeZone:
- description: The timezone that the CronJob will run on
- type: string
- type: object
- dependencies:
- description: The configuration of Dependencies trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- deployer:
- description: The configuration of Deployer trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- kind:
- description: Allows to explicitly select the desired deployment
- kind between `deployment`, `cron-job` or `knative-service`
- when creating the resources for running the integration.
- enum:
- - deployment
- - cron-job
- - knative-service
- type: string
- useSSA:
- description: |-
- Use server-side apply to update the owned resources (default `true`).
- Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
- type: boolean
- type: object
- deployment:
- description: The configuration of Deployment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- progressDeadlineSeconds:
- description: |-
- The maximum time in seconds for the deployment to make progress before it
- is considered to be failed. It defaults to `60s`.
- format: int32
- type: integer
- rollingUpdateMaxSurge:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be scheduled above the desired number of
- pods.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- This can not be 0 if MaxUnavailable is 0.
- Absolute number is calculated from percentage by rounding up.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- rollingUpdateMaxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be unavailable during the update.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- Absolute number is calculated from percentage by rounding down.
- This can not be 0 if MaxSurge is 0.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- strategy:
- description: The deployment strategy to use to replace existing
- pods with new ones.
- enum:
- - Recreate
- - RollingUpdate
- type: string
- type: object
- environment:
- description: The configuration of Environment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- containerMeta:
- description: Enables injection of `NAMESPACE` and `POD_NAME`
- environment variables (default `true`)
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- httpProxy:
- description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
- `NO_PROXY` environment variables (default `true`)
- type: boolean
- vars:
- description: |-
- A list of environment variables to be added to the integration container.
- The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
- These take precedence over the previously defined environment variables.
- items:
- type: string
- type: array
- type: object
- error-handler:
- description: The configuration of Error Handler trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- ref:
- description: The error handler ref name provided or found
- in application properties
- type: string
- type: object
- gc:
- description: The configuration of GC trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryCache:
- description: |-
- Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
- Deprecated: to be removed from trait configuration.
- enum:
- - disabled
- - disk
- - memory
- type: string
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- health:
- description: The configuration of Health trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- livenessFailureThreshold:
- description: Minimum consecutive failures for the liveness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- livenessInitialDelay:
- description: Number of seconds after the container has started
- before the liveness probe is initiated.
- format: int32
- type: integer
- livenessPeriod:
- description: How often to perform the liveness probe.
- format: int32
- type: integer
- livenessProbe:
- description: The liveness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- livenessProbeEnabled:
- description: Configures the liveness probe for the integration
- container (default `false`).
- type: boolean
- livenessScheme:
- description: Scheme to use when connecting to the liveness
- probe (default `HTTP`).
- type: string
- livenessSuccessThreshold:
- description: Minimum consecutive successes for the liveness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- livenessTimeout:
- description: Number of seconds after which the liveness probe
- times out.
- format: int32
- type: integer
- readinessFailureThreshold:
- description: Minimum consecutive failures for the readiness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- readinessInitialDelay:
- description: Number of seconds after the container has started
- before the readiness probe is initiated.
- format: int32
- type: integer
- readinessPeriod:
- description: How often to perform the readiness probe.
- format: int32
- type: integer
- readinessProbe:
- description: The readiness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- readinessProbeEnabled:
- description: Configures the readiness probe for the integration
- container (default `true`).
- type: boolean
- readinessScheme:
- description: Scheme to use when connecting to the readiness
- probe (default `HTTP`).
- type: string
- readinessSuccessThreshold:
- description: Minimum consecutive successes for the readiness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- readinessTimeout:
- description: Number of seconds after which the readiness probe
- times out.
- format: int32
- type: integer
- startupFailureThreshold:
- description: Minimum consecutive failures for the startup
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- startupInitialDelay:
- description: Number of seconds after the container has started
- before the startup probe is initiated.
- format: int32
- type: integer
- startupPeriod:
- description: How often to perform the startup probe.
- format: int32
- type: integer
- startupProbe:
- description: The startup probe path to use (default provided
- by the Catalog runtime used).
- type: string
- startupProbeEnabled:
- description: Configures the startup probe for the integration
- container (default `false`).
- type: boolean
- startupScheme:
- description: Scheme to use when connecting to the startup
- probe (default `HTTP`).
- type: string
- startupSuccessThreshold:
- description: Minimum consecutive successes for the startup
- probe to be considered successful after having failed.
- format: int32
- type: integer
- startupTimeout:
- description: Number of seconds after which the startup probe
- times out.
- format: int32
- type: integer
- type: object
- ingress:
- description: The configuration of Ingress trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to the ingress.
- This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
- See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
- type: object
- auto:
- description: To automatically add an ingress whenever the
- integration uses an HTTP endpoint consumer.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the ingress.
- type: string
- path:
- description: To configure the path exposed by the ingress
- (default `/`).
- type: string
- pathType:
- description: |-
- To configure the path type exposed by the ingress.
- One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
- enum:
- - Exact
- - Prefix
- - ImplementationSpecific
- type: string
- tlsHosts:
- description: To configure tls hosts
- items:
- type: string
- type: array
- tlsSecretName:
- description: To configure tls secret name
- type: string
- type: object
- istio:
- description: The configuration of Istio trait
- properties:
- allow:
- description: Configures a (comma-separated) list of CIDR subnets
- that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
- by default).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- inject:
- description: Forces the value for labels `sidecar.istio.io/inject`.
- By default the label is set to `true` on deployment and
- not set on Knative Service.
- type: boolean
- type: object
- jolokia:
- description: The configuration of Jolokia trait
- properties:
- CACert:
- description: |-
- The PEM encoded CA certification file path, used to verify client certificates,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
- type: string
- clientPrincipal:
- description: |-
- The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryEnabled:
- description: Listen for multicast requests (default `false`)
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- extendedClientCheck:
- description: |-
- Mandate the client certificate contains a client flag in the extended key usage section,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `true` for OpenShift).
- type: boolean
- host:
- description: |-
- The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
- the servers binds to every network interface (default `"*"`).
- type: string
- options:
- description: |-
- A list of additional Jolokia options as defined
- in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
- items:
- type: string
- type: array
- password:
- description: The password used for authentication, applicable
- when the `user` option is set.
- type: string
- port:
- description: The Jolokia endpoint port (default `8778`).
- type: integer
- protocol:
- description: The protocol to use, either `http` or `https`
- (default `https` for OpenShift)
- type: string
- useSSLClientAuthentication:
- description: Whether client certificates should be used for
- authentication (default `true` for OpenShift).
- type: boolean
- user:
- description: The user to be used for authentication
- type: string
- type: object
- jvm:
- description: The configuration of JVM trait
- properties:
- classpath:
- description: Additional JVM classpath (use `Linux` classpath
- separator)
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- debug:
- description: Activates remote debugging, so that a debugger
- can be attached to the JVM, e.g., using port-forwarding
- type: boolean
- debugAddress:
- description: Transport address at which to listen for the
- newly launched JVM (default `*:5005`)
- type: string
- debugSuspend:
- description: Suspends the target JVM immediately before the
- main class is loaded
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- jar:
- description: The Jar dependency which will run the application.
- Leave it empty for managed Integrations.
- type: string
- options:
- description: A list of JVM options
- items:
- type: string
- type: array
- printCommand:
- description: |-
- Prints the command used the start the JVM in the container logs (default `true`)
- Deprecated: no longer in use.
- type: boolean
- type: object
- kamelets:
- description: The configuration of Kamelets trait
- properties:
- auto:
- description: Automatically inject all referenced Kamelets
- and their default configuration (enabled by default)
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- list:
- description: Comma separated list of Kamelet names to load
- into the current integration
- type: string
- mountPoint:
- description: The directory where the application mounts and
- reads Kamelet spec (default `/etc/camel/kamelets`)
- type: string
- type: object
- keda:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- knative:
- description: The configuration of Knative trait
- properties:
- auto:
- description: Enable automatic discovery of all trait properties.
- type: boolean
- channelSinks:
- description: |-
- List of channels used as destination of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- channelSources:
- description: |-
- List of channels used as source of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- config:
- description: Can be used to inject a Knative complete configuration
- in JSON format.
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- endpointSinks:
- description: |-
- List of endpoints used as destination of integration routes.
- Can contain simple endpoint names or full Camel URIs.
- items:
- type: string
- type: array
- endpointSources:
- description: List of channels used as source of integration
- routes.
- items:
- type: string
- type: array
- eventSinks:
- description: |-
- List of event types that the integration will produce.
- Can contain simple event types or full Camel URIs (to use a specific broker).
- items:
- type: string
- type: array
- eventSources:
- description: |-
- List of event types that the integration will be subscribed to.
- Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
- items:
- type: string
- type: array
- filterEventType:
- description: |-
- Enables the default filtering for the Knative trigger using the event type
- If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
- type: boolean
- filterSourceChannels:
- description: |-
- Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
- Knative, filtering is disabled by default.
- type: boolean
- filters:
- description: |-
- Sets filter attributes on the event stream (such as event type, source, subject and so on).
- A list of key-value pairs that represent filter attributes and its values.
- The syntax is KEY=VALUE, e.g., `source="my.source"`.
- Filter attributes get set on the Knative trigger that is being created as part of this integration.
- items:
- type: string
- type: array
- namespaceLabel:
- description: |-
- Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
- As Knative requires this label to perform injection of K_SINK URL into the service.
- If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
- type: boolean
- sinkBinding:
- description: |-
- Allows binding the integration to a sink via a Knative SinkBinding resource.
- This can be used when the integration targets a single sink.
- It's enabled by default when the integration targets a single sink
- (except when the integration is owned by a Knative source).
- type: boolean
- type: object
- knative-service:
- description: The configuration of Knative Service trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set knative service specific annotations
- CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- auto:
- description: |-
- Automatically deploy the integration as Knative service when all conditions hold:
-
-
- * Integration is using the Knative profile
- * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
- type: boolean
- autoscalingMetric:
- description: |-
- Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
-
-
- Refer to the Knative documentation for more information.
- type: string
- autoscalingTarget:
- description: |-
- Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- class:
- description: |-
- Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
-
-
- Refer to the Knative documentation for more information.
- enum:
- - kpa.autoscaling.knative.dev
- - hpa.autoscaling.knative.dev
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxScale:
- description: |-
- An upper bound for the number of Pods that can be running in parallel for the integration.
- Knative has its own cap value that depends on the installation.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- minScale:
- description: |-
- The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
- the integration is scaled down to zero when not used for a configured amount of time.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- rolloutDuration:
- description: |-
- Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
- It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
- rounded to a second precision.
- type: string
- timeoutSeconds:
- description: |-
- The maximum duration in seconds that the request instance is allowed to respond to a request.
- This field propagates to the integration pod's terminationGracePeriodSeconds
-
-
- Refer to the Knative documentation for more information.
- format: int64
- type: integer
- visibility:
- description: |-
- Setting `cluster-local`, Knative service becomes a private service.
- Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
-
-
- Refer to the Knative documentation for more information.
- enum:
- - cluster-local
- type: string
- type: object
- logging:
- description: The configuration of Logging trait
- properties:
- color:
- description: Colorize the log output
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- format:
- description: Logs message format
- type: string
- json:
- description: Output the logs in JSON
- type: boolean
- jsonPrettyPrint:
- description: Enable "pretty printing" of the JSON logs
- type: boolean
- level:
- description: Adjust the logging level (defaults to `INFO`)
- enum:
- - FATAL
- - WARN
- - INFO
- - DEBUG
- - TRACE
- type: string
- type: object
- master:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- mount:
- description: The configuration of Mount trait
- properties:
- configs:
- description: |-
- A list of configuration pointing to configmap/secret.
- The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
- They are also made available on the classpath in order to ease their usage directly from the Route.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- emptyDirs:
- description: 'A list of EmptyDir volumes to be mounted. Syntax:
- [name:/container/path]'
- items:
- type: string
- type: array
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- hotReload:
- description: |-
- Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
- marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
- changes in metadata.
- type: boolean
- resources:
- description: |-
- A list of resources (text or binary content) pointing to configmap/secret.
- The resources are expected to be any resource type (text or binary content).
- The destination path can be either a default location or any path specified by the user.
- Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
- items:
- type: string
- type: array
- scanKameletsImplicitLabelSecrets:
- description: |-
- Deprecated: include your properties in an explicit property file backed by a secret.
- Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
- These secrets are mounted to the application and treated as plain properties file with their key/value list
- (ie .spec.data["camel.my-property"] = my-value) (default `true`).
- type: boolean
- volumes:
- description: 'A list of Persistent Volume Claims to be mounted.
- Syntax: [pvcname:/container/path]'
- items:
- type: string
- type: array
- type: object
- openapi:
- description: The configuration of OpenAPI trait
- properties:
- configmaps:
- description: The configmaps holding the spec of the OpenAPI
- (compatible with > 3.0 spec only).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- owner:
- description: The configuration of Owner trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- targetAnnotations:
- description: The set of annotations to be transferred
- items:
- type: string
- type: array
- targetLabels:
- description: The set of labels to be transferred
- items:
- type: string
- type: array
- type: object
- pdb:
- description: The configuration of PDB trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxUnavailable:
- description: |-
- The number of pods for the Integration that can be unavailable after an eviction.
- It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
- Only one of `max-unavailable` and `min-available` can be specified.
- type: string
- minAvailable:
- description: |-
- The number of pods for the Integration that must still be available after an eviction.
- It can be either an absolute number or a percentage.
- Only one of `min-available` and `max-unavailable` can be specified.
- type: string
- type: object
- platform:
- description: The configuration of Platform trait
- properties:
- auto:
- description: |-
- To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- createDefault:
- description: |-
- To create a default (empty) platform when the platform is missing.
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- global:
- description: |-
- Indicates if the platform should be created globally in the case of global operator (default true).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- type: object
- pod:
- description: The configuration of Pod trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- prometheus:
- description: The configuration of Prometheus trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- podMonitor:
- description: Whether a `PodMonitor` resource is created (default
- `true`).
- type: boolean
- podMonitorLabels:
- description: The `PodMonitor` resource labels, applicable
- when `pod-monitor` is `true`.
- items:
- type: string
- type: array
- type: object
- pull-secret:
- description: The configuration of Pull Secret trait
- properties:
- auto:
- description: Automatically configures the platform registry
- secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- imagePullerDelegation:
- description: When using a global operator with a shared platform,
- this enables delegation of the `system:image-puller` cluster
- role on the operator namespace to the integration service
- account.
- type: boolean
- secretName:
- description: The pull secret name to set on the Pod. If left
- empty this is automatically taken from the `IntegrationPlatform`
- registry configuration.
- type: string
- type: object
- quarkus:
- description: The configuration of Quarkus trait
- properties:
- buildMode:
- description: |-
- The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
- In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
- with the `native` kit having precedence over the `jvm` one once ready.
- items:
- description: QuarkusMode is the type of Quarkus build packaging.
- enum:
- - jvm
- - native
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- nativeBaseImage:
- description: The base image to use when running a native build
- (default `quay.io/quarkus/quarkus-micro-image:2.0`)
- type: string
- nativeBuilderImage:
- description: The image containing the tooling required for
- a native build (by default it will use the one provided
- in the runtime catalog)
- type: string
- packageTypes:
- description: |-
- The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
- In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
- with the native kit having precedence over the `fast-jar` one once ready.
- The order influences the resolution of the current kit for the integration.
- The kit corresponding to the first package type will be assigned to the
- integration in case no existing kit that matches the integration exists.
- Deprecated: use `build-mode` instead.
- items:
- description: |-
- QuarkusPackageType is the type of Quarkus build packaging.
- Deprecated: use `QuarkusMode` instead.
- enum:
- - fast-jar
- - native
- type: string
- type: array
- type: object
- registry:
- description: |-
- The configuration of Registry trait (support removed since version 2.5.0).
- Deprecated: use jvm trait or read documentation.
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- route:
- description: The configuration of Route trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set route specific annotations
- For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
- CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the route.
- type: string
- tlsCACertificate:
- description: |-
- The TLS CA certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCACertificateSecret:
- description: |-
- The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificate:
- description: |-
- The TLS certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificateSecret:
- description: |-
- The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificate:
- description: |-
- The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
- termination this file should be provided in order to have routers use it for health checks on the secure connection.
- If this field is not specified, the router may provide its own destination CA and perform hostname validation using
- the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
- verify.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificateSecret:
- description: |-
- The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsInsecureEdgeTerminationPolicy:
- description: |-
- To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - None
- - Allow
- - Redirect
- type: string
- tlsKey:
- description: |-
- The TLS certificate key contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsKeySecret:
- description: |-
- The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsTermination:
- description: |-
- The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - edge
- - reencrypt
- - passthrough
- type: string
- type: object
- security-context:
- description: The configuration of Security Context trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- type: object
- service:
- description: The configuration of Service trait
- properties:
- auto:
- description: To automatically detect from the code if a Service
- needs to be created.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodePort:
- description: |-
- Enable Service to be exposed as NodePort (default `false`).
- Deprecated: Use service type instead.
- type: boolean
- type:
- description: The type of service to be used, either 'ClusterIP',
- 'NodePort' or 'LoadBalancer'.
- enum:
- - ClusterIP
- - NodePort
- - LoadBalancer
- type: string
- type: object
- service-binding:
- description: The configuration of Service Binding trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- services:
- description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
- items:
- type: string
- type: array
- type: object
- strimzi:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- toleration:
- description: The configuration of Toleration trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- taints:
- description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
- items:
- type: string
- type: array
- type: object
- tracing:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- type: object
- version:
- description: the Camel K operator version controlling this IntegrationPlatform
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/helm/camel-k/crds/crd-integration-profile.yaml b/helm/camel-k/crds/crd-integration-profile.yaml
deleted file mode 100644
index d96df69f0e..0000000000
--- a/helm/camel-k/crds/crd-integration-profile.yaml
+++ /dev/null
@@ -1,3995 +0,0 @@
-# ---------------------------------------------------------------------------
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ---------------------------------------------------------------------------
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.15.0
- name: integrationprofiles.camel.apache.org
-spec:
- group: camel.apache.org
- names:
- categories:
- - kamel
- - camel
- kind: IntegrationProfile
- listKind: IntegrationProfileList
- plural: integrationprofiles
- shortNames:
- - ipr
- singular: integrationprofile
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The integration profile phase
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: The default runtime version
- jsonPath: .status.build.runtimeVersion
- name: Default runtime
- type: string
- name: v1
- schema:
- openAPIV3Schema:
- description: |-
- IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior.
- It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: IntegrationProfileSpec applies user defined settings to the
- IntegrationProfile.
- properties:
- build:
- description: specify how to build the Integration/IntegrationKits
- properties:
- baseImage:
- description: |-
- a base image that can be used as base layer for all images.
- It can be useful if you want to provide some custom base image with further utility software
- type: string
- maven:
- description: Maven configuration used to build the Camel/Camel-Quarkus
- applications
- properties:
- caSecrets:
- description: |-
- The Secrets name and key, containing the CA certificate(s) used to connect
- to remote Maven repositories.
- It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
- A JKS formatted keystore is automatically created to store the CA certificate(s),
- and configured to be used as a trusted certificate(s) by the Maven commands.
- Note that the root CA certificates are also imported into the created keystore.
- items:
- description: SecretKeySelector selects a key of a Secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: array
- cliOptions:
- description: |-
- The CLI options that are appended to the list of arguments for Maven commands,
- e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
- See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
- items:
- type: string
- type: array
- extension:
- description: |-
- The Maven build extensions.
- See https://maven.apache.org/guides/mini/guide-using-extensions.html.
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- localRepository:
- description: The path of the local Maven repository.
- type: string
- profiles:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven profile.
- items:
- description: ValueSource --.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- properties:
- additionalProperties:
- type: string
- description: The Maven properties.
- type: object
- settings:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- settingsSecurity:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the security of the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: object
- registry:
- description: the image registry used to push/pull Integration
- images
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie, http
- only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- runtimeProvider:
- description: the runtime used. Likely Camel Quarkus (we used to
- have main runtime which has been discontinued since version
- 1.5)
- type: string
- runtimeVersion:
- description: the Camel K Runtime dependency version
- type: string
- timeout:
- description: how much time to wait before time out the pipeline
- process
- type: string
- type: object
- kamelet:
- description: configuration to be executed to all Kamelets controlled
- by this IntegrationProfile
- properties:
- repositories:
- description: remote repository used to retrieve Kamelet catalog
- items:
- description: KameletRepositorySpec defines the location of the
- Kamelet catalog to use.
- properties:
- uri:
- description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
- type: string
- type: object
- type: array
- type: object
- traits:
- description: list of traits to be executed for all the Integration/IntegrationKits
- built from this IntegrationProfile
- properties:
- 3scale:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- addons:
- additionalProperties:
- description: AddonTrait represents the configuration of an addon
- trait.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- description: The extension point with addon traits
- type: object
- affinity:
- description: The configuration of Affinity trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodeAffinityLabels:
- description: Defines a set of nodes the integration pod(s)
- are eligible to be scheduled on, based on labels on the
- node.
- items:
- type: string
- type: array
- podAffinity:
- description: Always co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should be co-located with.
- items:
- type: string
- type: array
- podAntiAffinity:
- description: Never co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAntiAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should not be co-located with.
- items:
- type: string
- type: array
- type: object
- builder:
- description: The configuration of Builder trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: When using `pod` strategy, annotation to use
- for the builder pod.
- type: object
- baseImage:
- description: |-
- Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
- installed and ready to use on path (ie `/usr/bin/java`).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- incrementalImageBuild:
- description: Use the incremental image build option, to reuse
- existing containers (default `true`)
- type: boolean
- limitCPU:
- description: |-
- When using `pod` strategy, the maximum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- limitMemory:
- description: |-
- When using `pod` strategy, the maximum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- mavenProfiles:
- description: |-
- A list of references pointing to configmaps/secrets that contains a maven profile.
- This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
- The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
- items:
- type: string
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: Defines a set of nodes the builder pod is eligible
- to be scheduled on, based on labels on the node.
- type: object
- orderStrategy:
- description: The build order strategy to use, either `dependencies`,
- `fifo` or `sequential` (default is the platform default)
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of manifest platforms to use to build
- a container image (default `linux/amd64`).
- items:
- type: string
- type: array
- properties:
- description: A list of properties to be provided to the build
- task
- items:
- type: string
- type: array
- requestCPU:
- description: |-
- When using `pod` strategy, the minimum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- requestMemory:
- description: |-
- When using `pod` strategy, the minimum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- strategy:
- description: The strategy to use, either `pod` or `routine`
- (default `routine`)
- enum:
- - pod
- - routine
- type: string
- tasks:
- description: A list of tasks to be executed (available only
- when using `pod` strategy) with format `;;`.
- items:
- type: string
- type: array
- tasksFilter:
- description: |-
- A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
- Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
- if you need to execute them. Useful only with `pod` strategy.
- type: string
- tasksLimitCPU:
- description: A list of limit cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksLimitMemory:
- description: A list of limit memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- tasksRequestCPU:
- description: A list of request cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksRequestMemory:
- description: A list of request memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- verbose:
- description: |-
- Enable verbose logging on build components that support it (e.g. Kaniko build pod).
- Deprecated no longer in use
- type: boolean
- type: object
- camel:
- description: The configuration of Camel trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- properties:
- description: A list of properties to be provided to the Integration
- runtime
- items:
- type: string
- type: array
- runtimeVersion:
- description: |-
- The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
- You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
- to the best matching Catalog existing on the cluster.
- type: string
- type: object
- container:
- description: The configuration of Container trait
- properties:
- allowPrivilegeEscalation:
- description: Security Context AllowPrivilegeEscalation configuration
- (default false).
- type: boolean
- auto:
- description: To automatically enable the trait
- type: boolean
- capabilitiesAdd:
- description: Security Context Capabilities Add configuration
- (default none).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- capabilitiesDrop:
- description: Security Context Capabilities Drop configuration
- (default ALL).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- expose:
- description: Can be used to enable/disable exposure via kubernetes
- Service.
- type: boolean
- image:
- description: |-
- The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
- won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
- Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
- type: string
- imagePullPolicy:
- description: 'The pull policy: Always|Never|IfNotPresent'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- limitCPU:
- description: The maximum amount of CPU to be provided (default
- 500 millicores).
- type: string
- limitMemory:
- description: The maximum amount of memory to be provided (default
- 512 Mi).
- type: string
- name:
- description: The main container name. It's named `integration`
- by default.
- type: string
- port:
- description: To configure a different port exposed by the
- container (default `8080`).
- type: integer
- portName:
- description: To configure a different port name for the port
- exposed by the container. It defaults to `http` only when
- the `expose` parameter is true.
- type: string
- requestCPU:
- description: The minimum amount of CPU required (default 125
- millicores).
- type: string
- requestMemory:
- description: The minimum amount of memory required (default
- 128 Mi).
- type: string
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- servicePort:
- description: To configure under which service port the container
- port is to be exposed (default `80`).
- type: integer
- servicePortName:
- description: To configure under which service port name the
- container port is to be exposed (default `http`).
- type: string
- type: object
- cron:
- description: The configuration of Cron trait
- properties:
- activeDeadlineSeconds:
- description: |-
- Specifies the duration in seconds, relative to the start time, that the job
- may be continuously active before it is considered to be failed.
- It defaults to 60s.
- format: int64
- type: integer
- auto:
- description: |-
- Automatically deploy the integration as CronJob when all routes are
- either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
-
-
- It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
- while `35m` or `50s` cannot).
- type: boolean
- backoffLimit:
- description: |-
- Specifies the number of retries before marking the job failed.
- It defaults to 2.
- format: int32
- type: integer
- components:
- description: |-
- A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
- A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
- activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
-
-
- Supported components are currently: `cron`, `timer` and `quartz`.
- type: string
- concurrencyPolicy:
- description: |-
- Specifies how to treat concurrent executions of a Job.
- Valid values are:
- - "Allow": allows CronJobs to run concurrently;
- - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- - "Replace": cancels currently running job and replaces it with a new one
- enum:
- - Allow
- - Forbid
- - Replace
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- fallback:
- description: |-
- Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
- as Kubernetes CronJob.
- type: boolean
- schedule:
- description: |-
- The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
- mechanism to work correctly.
- type: string
- startingDeadlineSeconds:
- description: |-
- Optional deadline in seconds for starting the job if it misses scheduled
- time for any reason. Missed jobs executions will be counted as failed ones.
- format: int64
- type: integer
- timeZone:
- description: The timezone that the CronJob will run on
- type: string
- type: object
- dependencies:
- description: The configuration of Dependencies trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- deployer:
- description: The configuration of Deployer trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- kind:
- description: Allows to explicitly select the desired deployment
- kind between `deployment`, `cron-job` or `knative-service`
- when creating the resources for running the integration.
- enum:
- - deployment
- - cron-job
- - knative-service
- type: string
- useSSA:
- description: |-
- Use server-side apply to update the owned resources (default `true`).
- Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
- type: boolean
- type: object
- deployment:
- description: The configuration of Deployment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- progressDeadlineSeconds:
- description: |-
- The maximum time in seconds for the deployment to make progress before it
- is considered to be failed. It defaults to `60s`.
- format: int32
- type: integer
- rollingUpdateMaxSurge:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be scheduled above the desired number of
- pods.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- This can not be 0 if MaxUnavailable is 0.
- Absolute number is calculated from percentage by rounding up.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- rollingUpdateMaxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be unavailable during the update.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- Absolute number is calculated from percentage by rounding down.
- This can not be 0 if MaxSurge is 0.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- strategy:
- description: The deployment strategy to use to replace existing
- pods with new ones.
- enum:
- - Recreate
- - RollingUpdate
- type: string
- type: object
- environment:
- description: The configuration of Environment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- containerMeta:
- description: Enables injection of `NAMESPACE` and `POD_NAME`
- environment variables (default `true`)
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- httpProxy:
- description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
- `NO_PROXY` environment variables (default `true`)
- type: boolean
- vars:
- description: |-
- A list of environment variables to be added to the integration container.
- The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
- These take precedence over the previously defined environment variables.
- items:
- type: string
- type: array
- type: object
- error-handler:
- description: The configuration of Error Handler trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- ref:
- description: The error handler ref name provided or found
- in application properties
- type: string
- type: object
- gc:
- description: The configuration of GC trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryCache:
- description: |-
- Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
- Deprecated: to be removed from trait configuration.
- enum:
- - disabled
- - disk
- - memory
- type: string
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- health:
- description: The configuration of Health trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- livenessFailureThreshold:
- description: Minimum consecutive failures for the liveness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- livenessInitialDelay:
- description: Number of seconds after the container has started
- before the liveness probe is initiated.
- format: int32
- type: integer
- livenessPeriod:
- description: How often to perform the liveness probe.
- format: int32
- type: integer
- livenessProbe:
- description: The liveness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- livenessProbeEnabled:
- description: Configures the liveness probe for the integration
- container (default `false`).
- type: boolean
- livenessScheme:
- description: Scheme to use when connecting to the liveness
- probe (default `HTTP`).
- type: string
- livenessSuccessThreshold:
- description: Minimum consecutive successes for the liveness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- livenessTimeout:
- description: Number of seconds after which the liveness probe
- times out.
- format: int32
- type: integer
- readinessFailureThreshold:
- description: Minimum consecutive failures for the readiness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- readinessInitialDelay:
- description: Number of seconds after the container has started
- before the readiness probe is initiated.
- format: int32
- type: integer
- readinessPeriod:
- description: How often to perform the readiness probe.
- format: int32
- type: integer
- readinessProbe:
- description: The readiness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- readinessProbeEnabled:
- description: Configures the readiness probe for the integration
- container (default `true`).
- type: boolean
- readinessScheme:
- description: Scheme to use when connecting to the readiness
- probe (default `HTTP`).
- type: string
- readinessSuccessThreshold:
- description: Minimum consecutive successes for the readiness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- readinessTimeout:
- description: Number of seconds after which the readiness probe
- times out.
- format: int32
- type: integer
- startupFailureThreshold:
- description: Minimum consecutive failures for the startup
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- startupInitialDelay:
- description: Number of seconds after the container has started
- before the startup probe is initiated.
- format: int32
- type: integer
- startupPeriod:
- description: How often to perform the startup probe.
- format: int32
- type: integer
- startupProbe:
- description: The startup probe path to use (default provided
- by the Catalog runtime used).
- type: string
- startupProbeEnabled:
- description: Configures the startup probe for the integration
- container (default `false`).
- type: boolean
- startupScheme:
- description: Scheme to use when connecting to the startup
- probe (default `HTTP`).
- type: string
- startupSuccessThreshold:
- description: Minimum consecutive successes for the startup
- probe to be considered successful after having failed.
- format: int32
- type: integer
- startupTimeout:
- description: Number of seconds after which the startup probe
- times out.
- format: int32
- type: integer
- type: object
- ingress:
- description: The configuration of Ingress trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to the ingress.
- This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
- See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
- type: object
- auto:
- description: To automatically add an ingress whenever the
- integration uses an HTTP endpoint consumer.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the ingress.
- type: string
- path:
- description: To configure the path exposed by the ingress
- (default `/`).
- type: string
- pathType:
- description: |-
- To configure the path type exposed by the ingress.
- One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
- enum:
- - Exact
- - Prefix
- - ImplementationSpecific
- type: string
- tlsHosts:
- description: To configure tls hosts
- items:
- type: string
- type: array
- tlsSecretName:
- description: To configure tls secret name
- type: string
- type: object
- istio:
- description: The configuration of Istio trait
- properties:
- allow:
- description: Configures a (comma-separated) list of CIDR subnets
- that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
- by default).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- inject:
- description: Forces the value for labels `sidecar.istio.io/inject`.
- By default the label is set to `true` on deployment and
- not set on Knative Service.
- type: boolean
- type: object
- jolokia:
- description: The configuration of Jolokia trait
- properties:
- CACert:
- description: |-
- The PEM encoded CA certification file path, used to verify client certificates,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
- type: string
- clientPrincipal:
- description: |-
- The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryEnabled:
- description: Listen for multicast requests (default `false`)
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- extendedClientCheck:
- description: |-
- Mandate the client certificate contains a client flag in the extended key usage section,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `true` for OpenShift).
- type: boolean
- host:
- description: |-
- The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
- the servers binds to every network interface (default `"*"`).
- type: string
- options:
- description: |-
- A list of additional Jolokia options as defined
- in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
- items:
- type: string
- type: array
- password:
- description: The password used for authentication, applicable
- when the `user` option is set.
- type: string
- port:
- description: The Jolokia endpoint port (default `8778`).
- type: integer
- protocol:
- description: The protocol to use, either `http` or `https`
- (default `https` for OpenShift)
- type: string
- useSSLClientAuthentication:
- description: Whether client certificates should be used for
- authentication (default `true` for OpenShift).
- type: boolean
- user:
- description: The user to be used for authentication
- type: string
- type: object
- jvm:
- description: The configuration of JVM trait
- properties:
- classpath:
- description: Additional JVM classpath (use `Linux` classpath
- separator)
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- debug:
- description: Activates remote debugging, so that a debugger
- can be attached to the JVM, e.g., using port-forwarding
- type: boolean
- debugAddress:
- description: Transport address at which to listen for the
- newly launched JVM (default `*:5005`)
- type: string
- debugSuspend:
- description: Suspends the target JVM immediately before the
- main class is loaded
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- jar:
- description: The Jar dependency which will run the application.
- Leave it empty for managed Integrations.
- type: string
- options:
- description: A list of JVM options
- items:
- type: string
- type: array
- printCommand:
- description: |-
- Prints the command used the start the JVM in the container logs (default `true`)
- Deprecated: no longer in use.
- type: boolean
- type: object
- kamelets:
- description: The configuration of Kamelets trait
- properties:
- auto:
- description: Automatically inject all referenced Kamelets
- and their default configuration (enabled by default)
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- list:
- description: Comma separated list of Kamelet names to load
- into the current integration
- type: string
- mountPoint:
- description: The directory where the application mounts and
- reads Kamelet spec (default `/etc/camel/kamelets`)
- type: string
- type: object
- keda:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- knative:
- description: The configuration of Knative trait
- properties:
- auto:
- description: Enable automatic discovery of all trait properties.
- type: boolean
- channelSinks:
- description: |-
- List of channels used as destination of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- channelSources:
- description: |-
- List of channels used as source of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- config:
- description: Can be used to inject a Knative complete configuration
- in JSON format.
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- endpointSinks:
- description: |-
- List of endpoints used as destination of integration routes.
- Can contain simple endpoint names or full Camel URIs.
- items:
- type: string
- type: array
- endpointSources:
- description: List of channels used as source of integration
- routes.
- items:
- type: string
- type: array
- eventSinks:
- description: |-
- List of event types that the integration will produce.
- Can contain simple event types or full Camel URIs (to use a specific broker).
- items:
- type: string
- type: array
- eventSources:
- description: |-
- List of event types that the integration will be subscribed to.
- Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
- items:
- type: string
- type: array
- filterEventType:
- description: |-
- Enables the default filtering for the Knative trigger using the event type
- If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
- type: boolean
- filterSourceChannels:
- description: |-
- Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
- Knative, filtering is disabled by default.
- type: boolean
- filters:
- description: |-
- Sets filter attributes on the event stream (such as event type, source, subject and so on).
- A list of key-value pairs that represent filter attributes and its values.
- The syntax is KEY=VALUE, e.g., `source="my.source"`.
- Filter attributes get set on the Knative trigger that is being created as part of this integration.
- items:
- type: string
- type: array
- namespaceLabel:
- description: |-
- Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
- As Knative requires this label to perform injection of K_SINK URL into the service.
- If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
- type: boolean
- sinkBinding:
- description: |-
- Allows binding the integration to a sink via a Knative SinkBinding resource.
- This can be used when the integration targets a single sink.
- It's enabled by default when the integration targets a single sink
- (except when the integration is owned by a Knative source).
- type: boolean
- type: object
- knative-service:
- description: The configuration of Knative Service trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set knative service specific annotations
- CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- auto:
- description: |-
- Automatically deploy the integration as Knative service when all conditions hold:
-
-
- * Integration is using the Knative profile
- * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
- type: boolean
- autoscalingMetric:
- description: |-
- Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
-
-
- Refer to the Knative documentation for more information.
- type: string
- autoscalingTarget:
- description: |-
- Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- class:
- description: |-
- Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
-
-
- Refer to the Knative documentation for more information.
- enum:
- - kpa.autoscaling.knative.dev
- - hpa.autoscaling.knative.dev
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxScale:
- description: |-
- An upper bound for the number of Pods that can be running in parallel for the integration.
- Knative has its own cap value that depends on the installation.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- minScale:
- description: |-
- The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
- the integration is scaled down to zero when not used for a configured amount of time.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- rolloutDuration:
- description: |-
- Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
- It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
- rounded to a second precision.
- type: string
- timeoutSeconds:
- description: |-
- The maximum duration in seconds that the request instance is allowed to respond to a request.
- This field propagates to the integration pod's terminationGracePeriodSeconds
-
-
- Refer to the Knative documentation for more information.
- format: int64
- type: integer
- visibility:
- description: |-
- Setting `cluster-local`, Knative service becomes a private service.
- Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
-
-
- Refer to the Knative documentation for more information.
- enum:
- - cluster-local
- type: string
- type: object
- logging:
- description: The configuration of Logging trait
- properties:
- color:
- description: Colorize the log output
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- format:
- description: Logs message format
- type: string
- json:
- description: Output the logs in JSON
- type: boolean
- jsonPrettyPrint:
- description: Enable "pretty printing" of the JSON logs
- type: boolean
- level:
- description: Adjust the logging level (defaults to `INFO`)
- enum:
- - FATAL
- - WARN
- - INFO
- - DEBUG
- - TRACE
- type: string
- type: object
- master:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- mount:
- description: The configuration of Mount trait
- properties:
- configs:
- description: |-
- A list of configuration pointing to configmap/secret.
- The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
- They are also made available on the classpath in order to ease their usage directly from the Route.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- emptyDirs:
- description: 'A list of EmptyDir volumes to be mounted. Syntax:
- [name:/container/path]'
- items:
- type: string
- type: array
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- hotReload:
- description: |-
- Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
- marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
- changes in metadata.
- type: boolean
- resources:
- description: |-
- A list of resources (text or binary content) pointing to configmap/secret.
- The resources are expected to be any resource type (text or binary content).
- The destination path can be either a default location or any path specified by the user.
- Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
- items:
- type: string
- type: array
- scanKameletsImplicitLabelSecrets:
- description: |-
- Deprecated: include your properties in an explicit property file backed by a secret.
- Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
- These secrets are mounted to the application and treated as plain properties file with their key/value list
- (ie .spec.data["camel.my-property"] = my-value) (default `true`).
- type: boolean
- volumes:
- description: 'A list of Persistent Volume Claims to be mounted.
- Syntax: [pvcname:/container/path]'
- items:
- type: string
- type: array
- type: object
- openapi:
- description: The configuration of OpenAPI trait
- properties:
- configmaps:
- description: The configmaps holding the spec of the OpenAPI
- (compatible with > 3.0 spec only).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- owner:
- description: The configuration of Owner trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- targetAnnotations:
- description: The set of annotations to be transferred
- items:
- type: string
- type: array
- targetLabels:
- description: The set of labels to be transferred
- items:
- type: string
- type: array
- type: object
- pdb:
- description: The configuration of PDB trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxUnavailable:
- description: |-
- The number of pods for the Integration that can be unavailable after an eviction.
- It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
- Only one of `max-unavailable` and `min-available` can be specified.
- type: string
- minAvailable:
- description: |-
- The number of pods for the Integration that must still be available after an eviction.
- It can be either an absolute number or a percentage.
- Only one of `min-available` and `max-unavailable` can be specified.
- type: string
- type: object
- platform:
- description: The configuration of Platform trait
- properties:
- auto:
- description: |-
- To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- createDefault:
- description: |-
- To create a default (empty) platform when the platform is missing.
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- global:
- description: |-
- Indicates if the platform should be created globally in the case of global operator (default true).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- type: object
- pod:
- description: The configuration of Pod trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- prometheus:
- description: The configuration of Prometheus trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- podMonitor:
- description: Whether a `PodMonitor` resource is created (default
- `true`).
- type: boolean
- podMonitorLabels:
- description: The `PodMonitor` resource labels, applicable
- when `pod-monitor` is `true`.
- items:
- type: string
- type: array
- type: object
- pull-secret:
- description: The configuration of Pull Secret trait
- properties:
- auto:
- description: Automatically configures the platform registry
- secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- imagePullerDelegation:
- description: When using a global operator with a shared platform,
- this enables delegation of the `system:image-puller` cluster
- role on the operator namespace to the integration service
- account.
- type: boolean
- secretName:
- description: The pull secret name to set on the Pod. If left
- empty this is automatically taken from the `IntegrationPlatform`
- registry configuration.
- type: string
- type: object
- quarkus:
- description: The configuration of Quarkus trait
- properties:
- buildMode:
- description: |-
- The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
- In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
- with the `native` kit having precedence over the `jvm` one once ready.
- items:
- description: QuarkusMode is the type of Quarkus build packaging.
- enum:
- - jvm
- - native
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- nativeBaseImage:
- description: The base image to use when running a native build
- (default `quay.io/quarkus/quarkus-micro-image:2.0`)
- type: string
- nativeBuilderImage:
- description: The image containing the tooling required for
- a native build (by default it will use the one provided
- in the runtime catalog)
- type: string
- packageTypes:
- description: |-
- The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
- In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
- with the native kit having precedence over the `fast-jar` one once ready.
- The order influences the resolution of the current kit for the integration.
- The kit corresponding to the first package type will be assigned to the
- integration in case no existing kit that matches the integration exists.
- Deprecated: use `build-mode` instead.
- items:
- description: |-
- QuarkusPackageType is the type of Quarkus build packaging.
- Deprecated: use `QuarkusMode` instead.
- enum:
- - fast-jar
- - native
- type: string
- type: array
- type: object
- registry:
- description: |-
- The configuration of Registry trait (support removed since version 2.5.0).
- Deprecated: use jvm trait or read documentation.
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- route:
- description: The configuration of Route trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set route specific annotations
- For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
- CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the route.
- type: string
- tlsCACertificate:
- description: |-
- The TLS CA certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCACertificateSecret:
- description: |-
- The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificate:
- description: |-
- The TLS certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificateSecret:
- description: |-
- The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificate:
- description: |-
- The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
- termination this file should be provided in order to have routers use it for health checks on the secure connection.
- If this field is not specified, the router may provide its own destination CA and perform hostname validation using
- the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
- verify.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificateSecret:
- description: |-
- The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsInsecureEdgeTerminationPolicy:
- description: |-
- To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - None
- - Allow
- - Redirect
- type: string
- tlsKey:
- description: |-
- The TLS certificate key contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsKeySecret:
- description: |-
- The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsTermination:
- description: |-
- The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - edge
- - reencrypt
- - passthrough
- type: string
- type: object
- security-context:
- description: The configuration of Security Context trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- type: object
- service:
- description: The configuration of Service trait
- properties:
- auto:
- description: To automatically detect from the code if a Service
- needs to be created.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodePort:
- description: |-
- Enable Service to be exposed as NodePort (default `false`).
- Deprecated: Use service type instead.
- type: boolean
- type:
- description: The type of service to be used, either 'ClusterIP',
- 'NodePort' or 'LoadBalancer'.
- enum:
- - ClusterIP
- - NodePort
- - LoadBalancer
- type: string
- type: object
- service-binding:
- description: The configuration of Service Binding trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- services:
- description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
- items:
- type: string
- type: array
- type: object
- strimzi:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- toleration:
- description: The configuration of Toleration trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- taints:
- description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
- items:
- type: string
- type: array
- type: object
- tracing:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- type: object
- type: object
- status:
- description: IntegrationProfileStatus defines the observed state of IntegrationProfile.
- properties:
- build:
- description: specify how to build the Integration/IntegrationKits
- properties:
- baseImage:
- description: |-
- a base image that can be used as base layer for all images.
- It can be useful if you want to provide some custom base image with further utility software
- type: string
- maven:
- description: Maven configuration used to build the Camel/Camel-Quarkus
- applications
- properties:
- caSecrets:
- description: |-
- The Secrets name and key, containing the CA certificate(s) used to connect
- to remote Maven repositories.
- It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
- A JKS formatted keystore is automatically created to store the CA certificate(s),
- and configured to be used as a trusted certificate(s) by the Maven commands.
- Note that the root CA certificates are also imported into the created keystore.
- items:
- description: SecretKeySelector selects a key of a Secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: array
- cliOptions:
- description: |-
- The CLI options that are appended to the list of arguments for Maven commands,
- e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
- See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
- items:
- type: string
- type: array
- extension:
- description: |-
- The Maven build extensions.
- See https://maven.apache.org/guides/mini/guide-using-extensions.html.
- items:
- description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
- Maven artifact.
- properties:
- artifactId:
- description: Maven Artifact
- type: string
- classifier:
- description: Maven Classifier
- type: string
- groupId:
- description: Maven Group
- type: string
- type:
- description: Maven Type
- type: string
- version:
- description: Maven Version
- type: string
- required:
- - artifactId
- - groupId
- type: object
- type: array
- localRepository:
- description: The path of the local Maven repository.
- type: string
- profiles:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven profile.
- items:
- description: ValueSource --.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- properties:
- additionalProperties:
- type: string
- description: The Maven properties.
- type: object
- settings:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- settingsSecurity:
- description: |-
- A reference to the ConfigMap or Secret key that contains
- the security of the Maven settings.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: object
- registry:
- description: the image registry used to push/pull Integration
- images
- properties:
- address:
- description: the URI to access
- type: string
- ca:
- description: the configmap which stores the Certificate Authority
- type: string
- insecure:
- description: if the container registry is insecure (ie, http
- only)
- type: boolean
- organization:
- description: the registry organization
- type: string
- secret:
- description: the secret where credentials are stored
- type: string
- type: object
- runtimeProvider:
- description: the runtime used. Likely Camel Quarkus (we used to
- have main runtime which has been discontinued since version
- 1.5)
- type: string
- runtimeVersion:
- description: the Camel K Runtime dependency version
- type: string
- timeout:
- description: how much time to wait before time out the pipeline
- process
- type: string
- type: object
- conditions:
- description: which are the conditions met (particularly useful when
- in ERROR phase)
- items:
- description: IntegrationProfileCondition describes the state of
- a resource at a certain point.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another.
- format: date-time
- type: string
- lastUpdateTime:
- description: The last time this condition was updated.
- format: date-time
- type: string
- message:
- description: A human-readable message indicating details about
- the transition.
- type: string
- reason:
- description: The reason for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of integration condition.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- kamelet:
- description: configuration to be executed to all Kamelets controlled
- by this IntegrationProfile
- properties:
- repositories:
- description: remote repository used to retrieve Kamelet catalog
- items:
- description: KameletRepositorySpec defines the location of the
- Kamelet catalog to use.
- properties:
- uri:
- description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
- type: string
- type: object
- type: array
- type: object
- observedGeneration:
- description: ObservedGeneration is the most recent generation observed
- for this IntegrationProfile.
- format: int64
- type: integer
- phase:
- description: defines in what phase the IntegrationProfile is found
- type: string
- traits:
- description: list of traits to be executed for all the Integration/IntegrationKits
- built from this IntegrationProfile
- properties:
- 3scale:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- addons:
- additionalProperties:
- description: AddonTrait represents the configuration of an addon
- trait.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- description: The extension point with addon traits
- type: object
- affinity:
- description: The configuration of Affinity trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodeAffinityLabels:
- description: Defines a set of nodes the integration pod(s)
- are eligible to be scheduled on, based on labels on the
- node.
- items:
- type: string
- type: array
- podAffinity:
- description: Always co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should be co-located with.
- items:
- type: string
- type: array
- podAntiAffinity:
- description: Never co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAntiAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should not be co-located with.
- items:
- type: string
- type: array
- type: object
- builder:
- description: The configuration of Builder trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: When using `pod` strategy, annotation to use
- for the builder pod.
- type: object
- baseImage:
- description: |-
- Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
- installed and ready to use on path (ie `/usr/bin/java`).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- incrementalImageBuild:
- description: Use the incremental image build option, to reuse
- existing containers (default `true`)
- type: boolean
- limitCPU:
- description: |-
- When using `pod` strategy, the maximum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- limitMemory:
- description: |-
- When using `pod` strategy, the maximum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- mavenProfiles:
- description: |-
- A list of references pointing to configmaps/secrets that contains a maven profile.
- This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
- The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
- items:
- type: string
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: Defines a set of nodes the builder pod is eligible
- to be scheduled on, based on labels on the node.
- type: object
- orderStrategy:
- description: The build order strategy to use, either `dependencies`,
- `fifo` or `sequential` (default is the platform default)
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of manifest platforms to use to build
- a container image (default `linux/amd64`).
- items:
- type: string
- type: array
- properties:
- description: A list of properties to be provided to the build
- task
- items:
- type: string
- type: array
- requestCPU:
- description: |-
- When using `pod` strategy, the minimum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- requestMemory:
- description: |-
- When using `pod` strategy, the minimum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- strategy:
- description: The strategy to use, either `pod` or `routine`
- (default `routine`)
- enum:
- - pod
- - routine
- type: string
- tasks:
- description: A list of tasks to be executed (available only
- when using `pod` strategy) with format `;;`.
- items:
- type: string
- type: array
- tasksFilter:
- description: |-
- A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
- Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
- if you need to execute them. Useful only with `pod` strategy.
- type: string
- tasksLimitCPU:
- description: A list of limit cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksLimitMemory:
- description: A list of limit memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- tasksRequestCPU:
- description: A list of request cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksRequestMemory:
- description: A list of request memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- verbose:
- description: |-
- Enable verbose logging on build components that support it (e.g. Kaniko build pod).
- Deprecated no longer in use
- type: boolean
- type: object
- camel:
- description: The configuration of Camel trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- properties:
- description: A list of properties to be provided to the Integration
- runtime
- items:
- type: string
- type: array
- runtimeVersion:
- description: |-
- The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
- You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
- to the best matching Catalog existing on the cluster.
- type: string
- type: object
- container:
- description: The configuration of Container trait
- properties:
- allowPrivilegeEscalation:
- description: Security Context AllowPrivilegeEscalation configuration
- (default false).
- type: boolean
- auto:
- description: To automatically enable the trait
- type: boolean
- capabilitiesAdd:
- description: Security Context Capabilities Add configuration
- (default none).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- capabilitiesDrop:
- description: Security Context Capabilities Drop configuration
- (default ALL).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- expose:
- description: Can be used to enable/disable exposure via kubernetes
- Service.
- type: boolean
- image:
- description: |-
- The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
- won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
- Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
- type: string
- imagePullPolicy:
- description: 'The pull policy: Always|Never|IfNotPresent'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- limitCPU:
- description: The maximum amount of CPU to be provided (default
- 500 millicores).
- type: string
- limitMemory:
- description: The maximum amount of memory to be provided (default
- 512 Mi).
- type: string
- name:
- description: The main container name. It's named `integration`
- by default.
- type: string
- port:
- description: To configure a different port exposed by the
- container (default `8080`).
- type: integer
- portName:
- description: To configure a different port name for the port
- exposed by the container. It defaults to `http` only when
- the `expose` parameter is true.
- type: string
- requestCPU:
- description: The minimum amount of CPU required (default 125
- millicores).
- type: string
- requestMemory:
- description: The minimum amount of memory required (default
- 128 Mi).
- type: string
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- servicePort:
- description: To configure under which service port the container
- port is to be exposed (default `80`).
- type: integer
- servicePortName:
- description: To configure under which service port name the
- container port is to be exposed (default `http`).
- type: string
- type: object
- cron:
- description: The configuration of Cron trait
- properties:
- activeDeadlineSeconds:
- description: |-
- Specifies the duration in seconds, relative to the start time, that the job
- may be continuously active before it is considered to be failed.
- It defaults to 60s.
- format: int64
- type: integer
- auto:
- description: |-
- Automatically deploy the integration as CronJob when all routes are
- either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
-
-
- It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
- while `35m` or `50s` cannot).
- type: boolean
- backoffLimit:
- description: |-
- Specifies the number of retries before marking the job failed.
- It defaults to 2.
- format: int32
- type: integer
- components:
- description: |-
- A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
- A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
- activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
-
-
- Supported components are currently: `cron`, `timer` and `quartz`.
- type: string
- concurrencyPolicy:
- description: |-
- Specifies how to treat concurrent executions of a Job.
- Valid values are:
- - "Allow": allows CronJobs to run concurrently;
- - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- - "Replace": cancels currently running job and replaces it with a new one
- enum:
- - Allow
- - Forbid
- - Replace
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- fallback:
- description: |-
- Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
- as Kubernetes CronJob.
- type: boolean
- schedule:
- description: |-
- The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
- mechanism to work correctly.
- type: string
- startingDeadlineSeconds:
- description: |-
- Optional deadline in seconds for starting the job if it misses scheduled
- time for any reason. Missed jobs executions will be counted as failed ones.
- format: int64
- type: integer
- timeZone:
- description: The timezone that the CronJob will run on
- type: string
- type: object
- dependencies:
- description: The configuration of Dependencies trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- deployer:
- description: The configuration of Deployer trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- kind:
- description: Allows to explicitly select the desired deployment
- kind between `deployment`, `cron-job` or `knative-service`
- when creating the resources for running the integration.
- enum:
- - deployment
- - cron-job
- - knative-service
- type: string
- useSSA:
- description: |-
- Use server-side apply to update the owned resources (default `true`).
- Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
- type: boolean
- type: object
- deployment:
- description: The configuration of Deployment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- progressDeadlineSeconds:
- description: |-
- The maximum time in seconds for the deployment to make progress before it
- is considered to be failed. It defaults to `60s`.
- format: int32
- type: integer
- rollingUpdateMaxSurge:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be scheduled above the desired number of
- pods.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- This can not be 0 if MaxUnavailable is 0.
- Absolute number is calculated from percentage by rounding up.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- rollingUpdateMaxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be unavailable during the update.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- Absolute number is calculated from percentage by rounding down.
- This can not be 0 if MaxSurge is 0.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- strategy:
- description: The deployment strategy to use to replace existing
- pods with new ones.
- enum:
- - Recreate
- - RollingUpdate
- type: string
- type: object
- environment:
- description: The configuration of Environment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- containerMeta:
- description: Enables injection of `NAMESPACE` and `POD_NAME`
- environment variables (default `true`)
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- httpProxy:
- description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
- `NO_PROXY` environment variables (default `true`)
- type: boolean
- vars:
- description: |-
- A list of environment variables to be added to the integration container.
- The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
- These take precedence over the previously defined environment variables.
- items:
- type: string
- type: array
- type: object
- error-handler:
- description: The configuration of Error Handler trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- ref:
- description: The error handler ref name provided or found
- in application properties
- type: string
- type: object
- gc:
- description: The configuration of GC trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryCache:
- description: |-
- Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
- Deprecated: to be removed from trait configuration.
- enum:
- - disabled
- - disk
- - memory
- type: string
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- health:
- description: The configuration of Health trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- livenessFailureThreshold:
- description: Minimum consecutive failures for the liveness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- livenessInitialDelay:
- description: Number of seconds after the container has started
- before the liveness probe is initiated.
- format: int32
- type: integer
- livenessPeriod:
- description: How often to perform the liveness probe.
- format: int32
- type: integer
- livenessProbe:
- description: The liveness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- livenessProbeEnabled:
- description: Configures the liveness probe for the integration
- container (default `false`).
- type: boolean
- livenessScheme:
- description: Scheme to use when connecting to the liveness
- probe (default `HTTP`).
- type: string
- livenessSuccessThreshold:
- description: Minimum consecutive successes for the liveness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- livenessTimeout:
- description: Number of seconds after which the liveness probe
- times out.
- format: int32
- type: integer
- readinessFailureThreshold:
- description: Minimum consecutive failures for the readiness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- readinessInitialDelay:
- description: Number of seconds after the container has started
- before the readiness probe is initiated.
- format: int32
- type: integer
- readinessPeriod:
- description: How often to perform the readiness probe.
- format: int32
- type: integer
- readinessProbe:
- description: The readiness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- readinessProbeEnabled:
- description: Configures the readiness probe for the integration
- container (default `true`).
- type: boolean
- readinessScheme:
- description: Scheme to use when connecting to the readiness
- probe (default `HTTP`).
- type: string
- readinessSuccessThreshold:
- description: Minimum consecutive successes for the readiness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- readinessTimeout:
- description: Number of seconds after which the readiness probe
- times out.
- format: int32
- type: integer
- startupFailureThreshold:
- description: Minimum consecutive failures for the startup
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- startupInitialDelay:
- description: Number of seconds after the container has started
- before the startup probe is initiated.
- format: int32
- type: integer
- startupPeriod:
- description: How often to perform the startup probe.
- format: int32
- type: integer
- startupProbe:
- description: The startup probe path to use (default provided
- by the Catalog runtime used).
- type: string
- startupProbeEnabled:
- description: Configures the startup probe for the integration
- container (default `false`).
- type: boolean
- startupScheme:
- description: Scheme to use when connecting to the startup
- probe (default `HTTP`).
- type: string
- startupSuccessThreshold:
- description: Minimum consecutive successes for the startup
- probe to be considered successful after having failed.
- format: int32
- type: integer
- startupTimeout:
- description: Number of seconds after which the startup probe
- times out.
- format: int32
- type: integer
- type: object
- ingress:
- description: The configuration of Ingress trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to the ingress.
- This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
- See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
- type: object
- auto:
- description: To automatically add an ingress whenever the
- integration uses an HTTP endpoint consumer.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the ingress.
- type: string
- path:
- description: To configure the path exposed by the ingress
- (default `/`).
- type: string
- pathType:
- description: |-
- To configure the path type exposed by the ingress.
- One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
- enum:
- - Exact
- - Prefix
- - ImplementationSpecific
- type: string
- tlsHosts:
- description: To configure tls hosts
- items:
- type: string
- type: array
- tlsSecretName:
- description: To configure tls secret name
- type: string
- type: object
- istio:
- description: The configuration of Istio trait
- properties:
- allow:
- description: Configures a (comma-separated) list of CIDR subnets
- that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
- by default).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- inject:
- description: Forces the value for labels `sidecar.istio.io/inject`.
- By default the label is set to `true` on deployment and
- not set on Knative Service.
- type: boolean
- type: object
- jolokia:
- description: The configuration of Jolokia trait
- properties:
- CACert:
- description: |-
- The PEM encoded CA certification file path, used to verify client certificates,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
- type: string
- clientPrincipal:
- description: |-
- The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryEnabled:
- description: Listen for multicast requests (default `false`)
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- extendedClientCheck:
- description: |-
- Mandate the client certificate contains a client flag in the extended key usage section,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `true` for OpenShift).
- type: boolean
- host:
- description: |-
- The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
- the servers binds to every network interface (default `"*"`).
- type: string
- options:
- description: |-
- A list of additional Jolokia options as defined
- in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
- items:
- type: string
- type: array
- password:
- description: The password used for authentication, applicable
- when the `user` option is set.
- type: string
- port:
- description: The Jolokia endpoint port (default `8778`).
- type: integer
- protocol:
- description: The protocol to use, either `http` or `https`
- (default `https` for OpenShift)
- type: string
- useSSLClientAuthentication:
- description: Whether client certificates should be used for
- authentication (default `true` for OpenShift).
- type: boolean
- user:
- description: The user to be used for authentication
- type: string
- type: object
- jvm:
- description: The configuration of JVM trait
- properties:
- classpath:
- description: Additional JVM classpath (use `Linux` classpath
- separator)
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- debug:
- description: Activates remote debugging, so that a debugger
- can be attached to the JVM, e.g., using port-forwarding
- type: boolean
- debugAddress:
- description: Transport address at which to listen for the
- newly launched JVM (default `*:5005`)
- type: string
- debugSuspend:
- description: Suspends the target JVM immediately before the
- main class is loaded
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- jar:
- description: The Jar dependency which will run the application.
- Leave it empty for managed Integrations.
- type: string
- options:
- description: A list of JVM options
- items:
- type: string
- type: array
- printCommand:
- description: |-
- Prints the command used the start the JVM in the container logs (default `true`)
- Deprecated: no longer in use.
- type: boolean
- type: object
- kamelets:
- description: The configuration of Kamelets trait
- properties:
- auto:
- description: Automatically inject all referenced Kamelets
- and their default configuration (enabled by default)
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- list:
- description: Comma separated list of Kamelet names to load
- into the current integration
- type: string
- mountPoint:
- description: The directory where the application mounts and
- reads Kamelet spec (default `/etc/camel/kamelets`)
- type: string
- type: object
- keda:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- knative:
- description: The configuration of Knative trait
- properties:
- auto:
- description: Enable automatic discovery of all trait properties.
- type: boolean
- channelSinks:
- description: |-
- List of channels used as destination of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- channelSources:
- description: |-
- List of channels used as source of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- config:
- description: Can be used to inject a Knative complete configuration
- in JSON format.
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- endpointSinks:
- description: |-
- List of endpoints used as destination of integration routes.
- Can contain simple endpoint names or full Camel URIs.
- items:
- type: string
- type: array
- endpointSources:
- description: List of channels used as source of integration
- routes.
- items:
- type: string
- type: array
- eventSinks:
- description: |-
- List of event types that the integration will produce.
- Can contain simple event types or full Camel URIs (to use a specific broker).
- items:
- type: string
- type: array
- eventSources:
- description: |-
- List of event types that the integration will be subscribed to.
- Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
- items:
- type: string
- type: array
- filterEventType:
- description: |-
- Enables the default filtering for the Knative trigger using the event type
- If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
- type: boolean
- filterSourceChannels:
- description: |-
- Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
- Knative, filtering is disabled by default.
- type: boolean
- filters:
- description: |-
- Sets filter attributes on the event stream (such as event type, source, subject and so on).
- A list of key-value pairs that represent filter attributes and its values.
- The syntax is KEY=VALUE, e.g., `source="my.source"`.
- Filter attributes get set on the Knative trigger that is being created as part of this integration.
- items:
- type: string
- type: array
- namespaceLabel:
- description: |-
- Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
- As Knative requires this label to perform injection of K_SINK URL into the service.
- If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
- type: boolean
- sinkBinding:
- description: |-
- Allows binding the integration to a sink via a Knative SinkBinding resource.
- This can be used when the integration targets a single sink.
- It's enabled by default when the integration targets a single sink
- (except when the integration is owned by a Knative source).
- type: boolean
- type: object
- knative-service:
- description: The configuration of Knative Service trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set knative service specific annotations
- CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- auto:
- description: |-
- Automatically deploy the integration as Knative service when all conditions hold:
-
-
- * Integration is using the Knative profile
- * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
- type: boolean
- autoscalingMetric:
- description: |-
- Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
-
-
- Refer to the Knative documentation for more information.
- type: string
- autoscalingTarget:
- description: |-
- Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- class:
- description: |-
- Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
-
-
- Refer to the Knative documentation for more information.
- enum:
- - kpa.autoscaling.knative.dev
- - hpa.autoscaling.knative.dev
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxScale:
- description: |-
- An upper bound for the number of Pods that can be running in parallel for the integration.
- Knative has its own cap value that depends on the installation.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- minScale:
- description: |-
- The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
- the integration is scaled down to zero when not used for a configured amount of time.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- rolloutDuration:
- description: |-
- Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
- It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
- rounded to a second precision.
- type: string
- timeoutSeconds:
- description: |-
- The maximum duration in seconds that the request instance is allowed to respond to a request.
- This field propagates to the integration pod's terminationGracePeriodSeconds
-
-
- Refer to the Knative documentation for more information.
- format: int64
- type: integer
- visibility:
- description: |-
- Setting `cluster-local`, Knative service becomes a private service.
- Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
-
-
- Refer to the Knative documentation for more information.
- enum:
- - cluster-local
- type: string
- type: object
- logging:
- description: The configuration of Logging trait
- properties:
- color:
- description: Colorize the log output
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- format:
- description: Logs message format
- type: string
- json:
- description: Output the logs in JSON
- type: boolean
- jsonPrettyPrint:
- description: Enable "pretty printing" of the JSON logs
- type: boolean
- level:
- description: Adjust the logging level (defaults to `INFO`)
- enum:
- - FATAL
- - WARN
- - INFO
- - DEBUG
- - TRACE
- type: string
- type: object
- master:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- mount:
- description: The configuration of Mount trait
- properties:
- configs:
- description: |-
- A list of configuration pointing to configmap/secret.
- The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
- They are also made available on the classpath in order to ease their usage directly from the Route.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- emptyDirs:
- description: 'A list of EmptyDir volumes to be mounted. Syntax:
- [name:/container/path]'
- items:
- type: string
- type: array
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- hotReload:
- description: |-
- Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
- marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
- changes in metadata.
- type: boolean
- resources:
- description: |-
- A list of resources (text or binary content) pointing to configmap/secret.
- The resources are expected to be any resource type (text or binary content).
- The destination path can be either a default location or any path specified by the user.
- Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
- items:
- type: string
- type: array
- scanKameletsImplicitLabelSecrets:
- description: |-
- Deprecated: include your properties in an explicit property file backed by a secret.
- Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
- These secrets are mounted to the application and treated as plain properties file with their key/value list
- (ie .spec.data["camel.my-property"] = my-value) (default `true`).
- type: boolean
- volumes:
- description: 'A list of Persistent Volume Claims to be mounted.
- Syntax: [pvcname:/container/path]'
- items:
- type: string
- type: array
- type: object
- openapi:
- description: The configuration of OpenAPI trait
- properties:
- configmaps:
- description: The configmaps holding the spec of the OpenAPI
- (compatible with > 3.0 spec only).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- owner:
- description: The configuration of Owner trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- targetAnnotations:
- description: The set of annotations to be transferred
- items:
- type: string
- type: array
- targetLabels:
- description: The set of labels to be transferred
- items:
- type: string
- type: array
- type: object
- pdb:
- description: The configuration of PDB trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxUnavailable:
- description: |-
- The number of pods for the Integration that can be unavailable after an eviction.
- It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
- Only one of `max-unavailable` and `min-available` can be specified.
- type: string
- minAvailable:
- description: |-
- The number of pods for the Integration that must still be available after an eviction.
- It can be either an absolute number or a percentage.
- Only one of `min-available` and `max-unavailable` can be specified.
- type: string
- type: object
- platform:
- description: The configuration of Platform trait
- properties:
- auto:
- description: |-
- To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- createDefault:
- description: |-
- To create a default (empty) platform when the platform is missing.
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- global:
- description: |-
- Indicates if the platform should be created globally in the case of global operator (default true).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- type: object
- pod:
- description: The configuration of Pod trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- prometheus:
- description: The configuration of Prometheus trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- podMonitor:
- description: Whether a `PodMonitor` resource is created (default
- `true`).
- type: boolean
- podMonitorLabels:
- description: The `PodMonitor` resource labels, applicable
- when `pod-monitor` is `true`.
- items:
- type: string
- type: array
- type: object
- pull-secret:
- description: The configuration of Pull Secret trait
- properties:
- auto:
- description: Automatically configures the platform registry
- secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- imagePullerDelegation:
- description: When using a global operator with a shared platform,
- this enables delegation of the `system:image-puller` cluster
- role on the operator namespace to the integration service
- account.
- type: boolean
- secretName:
- description: The pull secret name to set on the Pod. If left
- empty this is automatically taken from the `IntegrationPlatform`
- registry configuration.
- type: string
- type: object
- quarkus:
- description: The configuration of Quarkus trait
- properties:
- buildMode:
- description: |-
- The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
- In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
- with the `native` kit having precedence over the `jvm` one once ready.
- items:
- description: QuarkusMode is the type of Quarkus build packaging.
- enum:
- - jvm
- - native
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- nativeBaseImage:
- description: The base image to use when running a native build
- (default `quay.io/quarkus/quarkus-micro-image:2.0`)
- type: string
- nativeBuilderImage:
- description: The image containing the tooling required for
- a native build (by default it will use the one provided
- in the runtime catalog)
- type: string
- packageTypes:
- description: |-
- The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
- In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
- with the native kit having precedence over the `fast-jar` one once ready.
- The order influences the resolution of the current kit for the integration.
- The kit corresponding to the first package type will be assigned to the
- integration in case no existing kit that matches the integration exists.
- Deprecated: use `build-mode` instead.
- items:
- description: |-
- QuarkusPackageType is the type of Quarkus build packaging.
- Deprecated: use `QuarkusMode` instead.
- enum:
- - fast-jar
- - native
- type: string
- type: array
- type: object
- registry:
- description: |-
- The configuration of Registry trait (support removed since version 2.5.0).
- Deprecated: use jvm trait or read documentation.
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- route:
- description: The configuration of Route trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set route specific annotations
- For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
- CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the route.
- type: string
- tlsCACertificate:
- description: |-
- The TLS CA certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCACertificateSecret:
- description: |-
- The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificate:
- description: |-
- The TLS certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificateSecret:
- description: |-
- The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificate:
- description: |-
- The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
- termination this file should be provided in order to have routers use it for health checks on the secure connection.
- If this field is not specified, the router may provide its own destination CA and perform hostname validation using
- the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
- verify.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificateSecret:
- description: |-
- The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsInsecureEdgeTerminationPolicy:
- description: |-
- To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - None
- - Allow
- - Redirect
- type: string
- tlsKey:
- description: |-
- The TLS certificate key contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsKeySecret:
- description: |-
- The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsTermination:
- description: |-
- The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - edge
- - reencrypt
- - passthrough
- type: string
- type: object
- security-context:
- description: The configuration of Security Context trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- type: object
- service:
- description: The configuration of Service trait
- properties:
- auto:
- description: To automatically detect from the code if a Service
- needs to be created.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodePort:
- description: |-
- Enable Service to be exposed as NodePort (default `false`).
- Deprecated: Use service type instead.
- type: boolean
- type:
- description: The type of service to be used, either 'ClusterIP',
- 'NodePort' or 'LoadBalancer'.
- enum:
- - ClusterIP
- - NodePort
- - LoadBalancer
- type: string
- type: object
- service-binding:
- description: The configuration of Service Binding trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- services:
- description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
- items:
- type: string
- type: array
- type: object
- strimzi:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- toleration:
- description: The configuration of Toleration trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- taints:
- description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
- items:
- type: string
- type: array
- type: object
- tracing:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- type: object
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/helm/camel-k/crds/crd-integration.yaml b/helm/camel-k/crds/crd-integration.yaml
deleted file mode 100644
index 7f99d90d69..0000000000
--- a/helm/camel-k/crds/crd-integration.yaml
+++ /dev/null
@@ -1,8318 +0,0 @@
-# ---------------------------------------------------------------------------
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ---------------------------------------------------------------------------
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.15.0
- name: integrations.camel.apache.org
-spec:
- group: camel.apache.org
- names:
- categories:
- - kamel
- - camel
- kind: Integration
- listKind: IntegrationList
- plural: integrations
- shortNames:
- - it
- singular: integration
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The integration phase
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: The integration readiness
- jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - description: The runtime version
- jsonPath: .status.runtimeProvider
- name: Runtime Provider
- type: string
- - description: The runtime provider
- jsonPath: .status.runtimeVersion
- name: Runtime Version
- type: string
- - description: The integration kit
- jsonPath: .status.integrationKit.name
- name: Kit
- type: string
- - description: The number of pods
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- name: v1
- schema:
- openAPIV3Schema:
- description: Integration is the Schema for the integrations API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: the desired Integration specification
- properties:
- configuration:
- description: |-
- Deprecated:
- Use camel trait (camel.properties) to manage properties
- Use mount trait (mount.configs) to manage configs
- Use mount trait (mount.resources) to manage resources
- Use mount trait (mount.volumes) to manage volumes
- items:
- description: ConfigurationSpec represents a generic configuration
- specification.
- properties:
- type:
- description: 'represents the type of configuration, ie: property,
- configmap, secret, ...'
- type: string
- value:
- description: the value to assign to the configuration (syntax
- may vary depending on the `Type`)
- type: string
- required:
- - type
- - value
- type: object
- type: array
- dependencies:
- description: the list of Camel or Maven dependencies required by the
- Integration
- items:
- type: string
- type: array
- flows:
- description: a source in YAML DSL language which contain the routes
- to run
- items:
- description: Flow is an unstructured object representing a Camel
- Flow in YAML/JSON DSL.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- type: array
- integrationKit:
- description: the reference of the `IntegrationKit` which is used for
- this Integration
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: |-
- If referring to a piece of an object instead of an entire object, this string
- should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within a pod, this would take on a value like:
- "spec.containers{name}" (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only to have some well-defined way of
- referencing a part of an object.
- TODO: this design is not final and this field is subject to change in the future.
- type: string
- kind:
- description: |-
- Kind of the referent.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- type: string
- namespace:
- description: |-
- Namespace of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
- type: string
- resourceVersion:
- description: |-
- Specific resourceVersion to which this reference is made, if any.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
- type: string
- uid:
- description: |-
- UID of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
- type: string
- type: object
- x-kubernetes-map-type: atomic
- profile:
- description: the profile needed to run this Integration
- type: string
- replicas:
- description: the number of `Pods` needed for the running Integration
- format: int32
- type: integer
- repositories:
- description: additional Maven repositories to be used
- items:
- type: string
- type: array
- serviceAccountName:
- description: custom SA to use for the Integration
- type: string
- sources:
- description: the sources which contain the Camel routes to run
- items:
- description: SourceSpec defines the configuration for one or more
- routes to be executed in a certain Camel DSL language.
- properties:
- compression:
- description: if the content is compressed (base64 encrypted)
- type: boolean
- content:
- description: the source code (plain text)
- type: string
- contentKey:
- description: the confimap key holding the source content
- type: string
- contentRef:
- description: the confimap reference holding the source content
- type: string
- contentType:
- description: the content type (tipically text or binary)
- type: string
- from-kamelet:
- description: True if the spec is generated from a Kamelet
- type: boolean
- interceptors:
- description: |-
- Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
- uses to pre/post process sources
- items:
- type: string
- type: array
- language:
- description: specify which is the language (Camel DSL) used
- to interpret this source code
- type: string
- loader:
- description: |-
- Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
- interpret this source at runtime
- type: string
- name:
- description: the name of the specification
- type: string
- path:
- description: the path where the file is stored
- type: string
- property-names:
- description: List of property names defined in the source (e.g.
- if type is "template")
- items:
- type: string
- type: array
- rawContent:
- description: the source code (binary)
- format: byte
- type: string
- type:
- description: Type defines the kind of source described by this
- object
- type: string
- type: object
- type: array
- template:
- description: Pod template customization
- properties:
- spec:
- description: the specification
- properties:
- activeDeadlineSeconds:
- description: ActiveDeadlineSeconds
- format: int64
- type: integer
- automountServiceAccountToken:
- description: AutomountServiceAccountToken
- type: boolean
- containers:
- description: Containers
- items:
- description: A single application container that you want
- to run within a pod.
- properties:
- args:
- description: |-
- Arguments to the entrypoint.
- The container image's CMD is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- command:
- description: |-
- Entrypoint array. Not executed within a shell.
- The container image's ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- env:
- description: |-
- List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable
- present in a Container.
- properties:
- name:
- description: Name of the environment variable.
- Must be a C_IDENTIFIER.
- type: string
- value:
- description: |-
- Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in the container and
- any service environment variables. If a variable cannot be resolved,
- the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
- "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether the variable
- exists or not.
- Defaults to "".
- type: string
- valueFrom:
- description: Source for the environment variable's
- value. Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: |-
- Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
- spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in
- the pod's namespace
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: |-
- List of sources to populate environment variables in the container.
- The keys defined within a source must be a C_IDENTIFIER. All invalid keys
- will be reported as an event when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take precedence.
- Values defined by an Env with a duplicate key will take precedence.
- Cannot be updated.
- items:
- description: EnvFromSource represents the source of
- a set of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend
- to each key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret must
- be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: |-
- Container image name.
- More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management to default or override
- container images in workload controllers like Deployments and StatefulSets.
- type: string
- imagePullPolicy:
- description: |-
- Image pull policy.
- One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- type: string
- lifecycle:
- description: |-
- Actions that the management system should take in response to container lifecycle events.
- Cannot be updated.
- properties:
- postStart:
- description: |-
- PostStart is called immediately after a container is created. If the handler fails,
- the container is terminated and restarted according to its restart policy.
- Other management of the container blocks until the hook completes.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration that
- the container should sleep before being terminated.
- properties:
- seconds:
- description: Seconds is the number of seconds
- to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: |-
- PreStop is called immediately before a container is terminated due to an
- API request or management event such as liveness/startup probe failure,
- preemption, resource contention, etc. The handler is not called if the
- container crashes or exits. The Pod's termination grace period countdown begins before the
- PreStop hook is executed. Regardless of the outcome of the handler, the
- container will eventually terminate within the Pod's termination grace
- period (unless delayed by finalizers). Other management of the container blocks until the hook completes
- or until the termination grace period is reached.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration that
- the container should sleep before being terminated.
- properties:
- seconds:
- description: Seconds is the number of seconds
- to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: |-
- Periodic probe of container liveness.
- Container will be restarted if the probe fails.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- name:
- description: |-
- Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: |-
- List of ports to expose from the container. Not specifying a port here
- DOES NOT prevent that port from being exposed. Any port which is
- listening on the default "0.0.0.0" address inside a container will be
- accessible from the network.
- Modifying this array with strategic merge patch may corrupt the data.
- For more information See https://github.com/kubernetes/kubernetes/issues/108255.
- Cannot be updated.
- items:
- description: ContainerPort represents a network port
- in a single container.
- properties:
- containerPort:
- description: |-
- Number of port to expose on the pod's IP address.
- This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external
- port to.
- type: string
- hostPort:
- description: |-
- Number of port to expose on the host.
- If specified, this must be a valid port number, 0 < x < 65536.
- If HostNetwork is specified, this must match ContainerPort.
- Most containers do not need this.
- format: int32
- type: integer
- name:
- description: |-
- If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
- named port in a pod must have a unique name. Name for the port that can be
- referred to by services.
- type: string
- protocol:
- default: TCP
- description: |-
- Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: |-
- Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe fails.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- resizePolicy:
- description: Resources resize policy for the container.
- items:
- description: ContainerResizePolicy represents resource
- resize policy for the container.
- properties:
- resourceName:
- description: |-
- Name of the resource to which this resource resize policy applies.
- Supported values: cpu, memory.
- type: string
- restartPolicy:
- description: |-
- Restart policy to apply when specified resource is resized.
- If not specified, it defaults to NotRequired.
- type: string
- required:
- - resourceName
- - restartPolicy
- type: object
- type: array
- x-kubernetes-list-type: atomic
- resources:
- description: |-
- Compute Resources required by this container.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- properties:
- claims:
- description: |-
- Claims lists the names of resources, defined in spec.resourceClaims,
- that are used by this container.
-
-
- This is an alpha field and requires enabling the
- DynamicResourceAllocation feature gate.
-
-
- This field is immutable. It can only be set for containers.
- items:
- description: ResourceClaim references one entry
- in PodSpec.ResourceClaims.
- properties:
- name:
- description: |-
- Name must match the name of one entry in pod.spec.resourceClaims of
- the Pod where this field is used. It makes that resource available
- inside a container.
- type: string
- required:
- - name
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - name
- x-kubernetes-list-type: map
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Limits describes the maximum amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Requests describes the minimum amount of compute resources required.
- If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. Requests cannot exceed Limits.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- type: object
- restartPolicy:
- description: |-
- RestartPolicy defines the restart behavior of individual containers in a pod.
- This field may only be set for init containers, and the only allowed value is "Always".
- For non-init containers or when this field is not specified,
- the restart behavior is defined by the Pod's restart policy and the container type.
- Setting the RestartPolicy as "Always" for the init container will have the following effect:
- this init container will be continually restarted on
- exit until all regular containers have terminated. Once all regular
- containers have completed, all init containers with restartPolicy "Always"
- will be shut down. This lifecycle differs from normal init containers and
- is often referred to as a "sidecar" container. Although this init
- container still starts in the init container sequence, it does not wait
- for the container to complete before proceeding to the next init
- container. Instead, the next init container starts immediately after this
- init container is started, or after any startupProbe has successfully
- completed.
- type: string
- securityContext:
- description: |-
- SecurityContext defines the security options the container should be run with.
- If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
- More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
- properties:
- allowPrivilegeEscalation:
- description: |-
- AllowPrivilegeEscalation controls whether a process can gain more
- privileges than its parent process. This bool directly controls if
- the no_new_privs flag will be set on the container process.
- AllowPrivilegeEscalation is true always when the container is:
- 1) run as Privileged
- 2) has CAP_SYS_ADMIN
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- capabilities:
- description: |-
- The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by the container runtime.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: |-
- Run container in privileged mode.
- Processes in privileged containers are essentially equivalent to root on the host.
- Defaults to false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: |-
- procMount denotes the type of proc mount to use for the containers.
- The default is DefaultProcMount which uses the container runtime defaults for
- readonly paths and masked paths.
- This requires the ProcMountType feature flag to be enabled.
- Note that this field cannot be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: |-
- Whether this container has a read-only root filesystem.
- Default is false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: |-
- The GID to run the entrypoint of the container process.
- Uses runtime default if unset.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: |-
- Indicates that the container must run as a non-root user.
- If true, the Kubelet will validate the image at runtime to ensure that it
- does not run as UID 0 (root) and fail to start the container if it does.
- If unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: |-
- The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: |-
- The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a random SELinux context for each
- container. May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that
- applies to the container.
- type: string
- role:
- description: Role is a SELinux role label that
- applies to the container.
- type: string
- type:
- description: Type is a SELinux type label that
- applies to the container.
- type: string
- user:
- description: User is a SELinux user label that
- applies to the container.
- type: string
- type: object
- seccompProfile:
- description: |-
- The seccomp options to use by this container. If seccomp options are
- provided at both the pod & container level, the container options
- override the pod options.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- localhostProfile:
- description: |-
- localhostProfile indicates a profile defined in a file on the node should be used.
- The profile must be preconfigured on the node to work.
- Must be a descending path, relative to the kubelet's configured seccomp profile location.
- Must be set if type is "Localhost". Must NOT be set for any other type.
- type: string
- type:
- description: |-
- type indicates which kind of seccomp profile will be applied.
- Valid options are:
-
-
- Localhost - a profile defined in a file on the node should be used.
- RuntimeDefault - the container runtime default profile should be used.
- Unconfined - no profile should be applied.
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: |-
- The Windows specific settings applied to all containers.
- If unspecified, the options from the PodSecurityContext will be used.
- If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: |-
- GMSACredentialSpec is where the GMSA admission webhook
- (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- GMSA credential spec named by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name
- of the GMSA credential spec to use.
- type: string
- hostProcess:
- description: |-
- HostProcess determines if a container should be run as a 'Host Process' container.
- All of a Pod's containers must have the same effective HostProcess value
- (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
- In addition, if HostProcess is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: |-
- The UserName in Windows to run the entrypoint of the container process.
- Defaults to the user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: |-
- StartupProbe indicates that the Pod has successfully initialized.
- If specified, no other probes are executed until this completes successfully.
- If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
- This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
- when it might take a long time to load data or warm a cache, than during steady-state operation.
- This cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- stdin:
- description: |-
- Whether this container should allocate a buffer for stdin in the container runtime. If this
- is not set, reads from stdin in the container will always result in EOF.
- Default is false.
- type: boolean
- stdinOnce:
- description: |-
- Whether the container runtime should close the stdin channel after it has been opened by
- a single attach. When stdin is true the stdin stream will remain open across multiple attach
- sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
- first client attaches to stdin, and then remains open and accepts data until the client disconnects,
- at which time stdin is closed and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin will never receive an EOF.
- Default is false
- type: boolean
- terminationMessagePath:
- description: |-
- Optional: Path at which the file to which the container's termination message
- will be written is mounted into the container's filesystem.
- Message written is intended to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes. The total message length across
- all containers will be limited to 12kb.
- Defaults to /dev/termination-log.
- Cannot be updated.
- type: string
- terminationMessagePolicy:
- description: |-
- Indicate how the termination message should be populated. File will use the contents of
- terminationMessagePath to populate the container status message on both success and failure.
- FallbackToLogsOnError will use the last chunk of container log output if the termination
- message file is empty and the container exited with an error.
- The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
- Defaults to File.
- Cannot be updated.
- type: string
- tty:
- description: |-
- Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
- Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices
- to be used by the container.
- items:
- description: volumeDevice describes a mapping of a
- raw block device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of
- the container that the device will be mapped
- to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: |-
- Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a
- Volume within a container.
- properties:
- mountPath:
- description: |-
- Path within the container at which the volume should be mounted. Must
- not contain ':'.
- type: string
- mountPropagation:
- description: |-
- mountPropagation determines how mounts are propagated from the host
- to container and the other way around.
- When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: |-
- Mounted read-only if true, read-write otherwise (false or unspecified).
- Defaults to false.
- type: boolean
- subPath:
- description: |-
- Path within the volume from which the container's volume should be mounted.
- Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: |-
- Expanded path within the volume from which the container's volume should be mounted.
- Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
- Defaults to "" (volume's root).
- SubPathExpr and SubPath are mutually exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: |-
- Container's working directory.
- If not specified, the container runtime's default will be used, which
- might be configured in the container image.
- Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- dnsPolicy:
- description: DNSPolicy
- type: string
- ephemeralContainers:
- description: EphemeralContainers
- items:
- description: |-
- An EphemeralContainer is a temporary container that you may add to an existing Pod for
- user-initiated activities such as debugging. Ephemeral containers have no resource or
- scheduling guarantees, and they will not be restarted when they exit or when a Pod is
- removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
- Pod to exceed its resource allocation.
-
-
- To add an ephemeral container, use the ephemeralcontainers subresource of an existing
- Pod. Ephemeral containers may not be removed or restarted.
- properties:
- args:
- description: |-
- Arguments to the entrypoint.
- The image's CMD is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- command:
- description: |-
- Entrypoint array. Not executed within a shell.
- The image's ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- env:
- description: |-
- List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable
- present in a Container.
- properties:
- name:
- description: Name of the environment variable.
- Must be a C_IDENTIFIER.
- type: string
- value:
- description: |-
- Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in the container and
- any service environment variables. If a variable cannot be resolved,
- the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
- "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether the variable
- exists or not.
- Defaults to "".
- type: string
- valueFrom:
- description: Source for the environment variable's
- value. Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: |-
- Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
- spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in
- the pod's namespace
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: |-
- List of sources to populate environment variables in the container.
- The keys defined within a source must be a C_IDENTIFIER. All invalid keys
- will be reported as an event when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take precedence.
- Values defined by an Env with a duplicate key will take precedence.
- Cannot be updated.
- items:
- description: EnvFromSource represents the source of
- a set of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend
- to each key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret must
- be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: |-
- Container image name.
- More info: https://kubernetes.io/docs/concepts/containers/images
- type: string
- imagePullPolicy:
- description: |-
- Image pull policy.
- One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- type: string
- lifecycle:
- description: Lifecycle is not allowed for ephemeral
- containers.
- properties:
- postStart:
- description: |-
- PostStart is called immediately after a container is created. If the handler fails,
- the container is terminated and restarted according to its restart policy.
- Other management of the container blocks until the hook completes.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration that
- the container should sleep before being terminated.
- properties:
- seconds:
- description: Seconds is the number of seconds
- to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: |-
- PreStop is called immediately before a container is terminated due to an
- API request or management event such as liveness/startup probe failure,
- preemption, resource contention, etc. The handler is not called if the
- container crashes or exits. The Pod's termination grace period countdown begins before the
- PreStop hook is executed. Regardless of the outcome of the handler, the
- container will eventually terminate within the Pod's termination grace
- period (unless delayed by finalizers). Other management of the container blocks until the hook completes
- or until the termination grace period is reached.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration that
- the container should sleep before being terminated.
- properties:
- seconds:
- description: Seconds is the number of seconds
- to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: Probes are not allowed for ephemeral containers.
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- name:
- description: |-
- Name of the ephemeral container specified as a DNS_LABEL.
- This name must be unique among all containers, init containers and ephemeral containers.
- type: string
- ports:
- description: Ports are not allowed for ephemeral containers.
- items:
- description: ContainerPort represents a network port
- in a single container.
- properties:
- containerPort:
- description: |-
- Number of port to expose on the pod's IP address.
- This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external
- port to.
- type: string
- hostPort:
- description: |-
- Number of port to expose on the host.
- If specified, this must be a valid port number, 0 < x < 65536.
- If HostNetwork is specified, this must match ContainerPort.
- Most containers do not need this.
- format: int32
- type: integer
- name:
- description: |-
- If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
- named port in a pod must have a unique name. Name for the port that can be
- referred to by services.
- type: string
- protocol:
- default: TCP
- description: |-
- Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: Probes are not allowed for ephemeral containers.
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- resizePolicy:
- description: Resources resize policy for the container.
- items:
- description: ContainerResizePolicy represents resource
- resize policy for the container.
- properties:
- resourceName:
- description: |-
- Name of the resource to which this resource resize policy applies.
- Supported values: cpu, memory.
- type: string
- restartPolicy:
- description: |-
- Restart policy to apply when specified resource is resized.
- If not specified, it defaults to NotRequired.
- type: string
- required:
- - resourceName
- - restartPolicy
- type: object
- type: array
- x-kubernetes-list-type: atomic
- resources:
- description: |-
- Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
- already allocated to the pod.
- properties:
- claims:
- description: |-
- Claims lists the names of resources, defined in spec.resourceClaims,
- that are used by this container.
-
-
- This is an alpha field and requires enabling the
- DynamicResourceAllocation feature gate.
-
-
- This field is immutable. It can only be set for containers.
- items:
- description: ResourceClaim references one entry
- in PodSpec.ResourceClaims.
- properties:
- name:
- description: |-
- Name must match the name of one entry in pod.spec.resourceClaims of
- the Pod where this field is used. It makes that resource available
- inside a container.
- type: string
- required:
- - name
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - name
- x-kubernetes-list-type: map
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Limits describes the maximum amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Requests describes the minimum amount of compute resources required.
- If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. Requests cannot exceed Limits.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- type: object
- restartPolicy:
- description: |-
- Restart policy for the container to manage the restart behavior of each
- container within a pod.
- This may only be set for init containers. You cannot set this field on
- ephemeral containers.
- type: string
- securityContext:
- description: |-
- Optional: SecurityContext defines the security options the ephemeral container should be run with.
- If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
- properties:
- allowPrivilegeEscalation:
- description: |-
- AllowPrivilegeEscalation controls whether a process can gain more
- privileges than its parent process. This bool directly controls if
- the no_new_privs flag will be set on the container process.
- AllowPrivilegeEscalation is true always when the container is:
- 1) run as Privileged
- 2) has CAP_SYS_ADMIN
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- capabilities:
- description: |-
- The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by the container runtime.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: |-
- Run container in privileged mode.
- Processes in privileged containers are essentially equivalent to root on the host.
- Defaults to false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: |-
- procMount denotes the type of proc mount to use for the containers.
- The default is DefaultProcMount which uses the container runtime defaults for
- readonly paths and masked paths.
- This requires the ProcMountType feature flag to be enabled.
- Note that this field cannot be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: |-
- Whether this container has a read-only root filesystem.
- Default is false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: |-
- The GID to run the entrypoint of the container process.
- Uses runtime default if unset.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: |-
- Indicates that the container must run as a non-root user.
- If true, the Kubelet will validate the image at runtime to ensure that it
- does not run as UID 0 (root) and fail to start the container if it does.
- If unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: |-
- The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: |-
- The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a random SELinux context for each
- container. May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that
- applies to the container.
- type: string
- role:
- description: Role is a SELinux role label that
- applies to the container.
- type: string
- type:
- description: Type is a SELinux type label that
- applies to the container.
- type: string
- user:
- description: User is a SELinux user label that
- applies to the container.
- type: string
- type: object
- seccompProfile:
- description: |-
- The seccomp options to use by this container. If seccomp options are
- provided at both the pod & container level, the container options
- override the pod options.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- localhostProfile:
- description: |-
- localhostProfile indicates a profile defined in a file on the node should be used.
- The profile must be preconfigured on the node to work.
- Must be a descending path, relative to the kubelet's configured seccomp profile location.
- Must be set if type is "Localhost". Must NOT be set for any other type.
- type: string
- type:
- description: |-
- type indicates which kind of seccomp profile will be applied.
- Valid options are:
-
-
- Localhost - a profile defined in a file on the node should be used.
- RuntimeDefault - the container runtime default profile should be used.
- Unconfined - no profile should be applied.
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: |-
- The Windows specific settings applied to all containers.
- If unspecified, the options from the PodSecurityContext will be used.
- If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: |-
- GMSACredentialSpec is where the GMSA admission webhook
- (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- GMSA credential spec named by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name
- of the GMSA credential spec to use.
- type: string
- hostProcess:
- description: |-
- HostProcess determines if a container should be run as a 'Host Process' container.
- All of a Pod's containers must have the same effective HostProcess value
- (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
- In addition, if HostProcess is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: |-
- The UserName in Windows to run the entrypoint of the container process.
- Defaults to the user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: Probes are not allowed for ephemeral containers.
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- stdin:
- description: |-
- Whether this container should allocate a buffer for stdin in the container runtime. If this
- is not set, reads from stdin in the container will always result in EOF.
- Default is false.
- type: boolean
- stdinOnce:
- description: |-
- Whether the container runtime should close the stdin channel after it has been opened by
- a single attach. When stdin is true the stdin stream will remain open across multiple attach
- sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
- first client attaches to stdin, and then remains open and accepts data until the client disconnects,
- at which time stdin is closed and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin will never receive an EOF.
- Default is false
- type: boolean
- targetContainerName:
- description: |-
- If set, the name of the container from PodSpec that this ephemeral container targets.
- The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.
- If not set then the ephemeral container uses the namespaces configured in the Pod spec.
-
-
- The container runtime must implement support for this feature. If the runtime does not
- support namespace targeting then the result of setting this field is undefined.
- type: string
- terminationMessagePath:
- description: |-
- Optional: Path at which the file to which the container's termination message
- will be written is mounted into the container's filesystem.
- Message written is intended to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes. The total message length across
- all containers will be limited to 12kb.
- Defaults to /dev/termination-log.
- Cannot be updated.
- type: string
- terminationMessagePolicy:
- description: |-
- Indicate how the termination message should be populated. File will use the contents of
- terminationMessagePath to populate the container status message on both success and failure.
- FallbackToLogsOnError will use the last chunk of container log output if the termination
- message file is empty and the container exited with an error.
- The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
- Defaults to File.
- Cannot be updated.
- type: string
- tty:
- description: |-
- Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
- Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices
- to be used by the container.
- items:
- description: volumeDevice describes a mapping of a
- raw block device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of
- the container that the device will be mapped
- to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: |-
- Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a
- Volume within a container.
- properties:
- mountPath:
- description: |-
- Path within the container at which the volume should be mounted. Must
- not contain ':'.
- type: string
- mountPropagation:
- description: |-
- mountPropagation determines how mounts are propagated from the host
- to container and the other way around.
- When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: |-
- Mounted read-only if true, read-write otherwise (false or unspecified).
- Defaults to false.
- type: boolean
- subPath:
- description: |-
- Path within the volume from which the container's volume should be mounted.
- Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: |-
- Expanded path within the volume from which the container's volume should be mounted.
- Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
- Defaults to "" (volume's root).
- SubPathExpr and SubPath are mutually exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: |-
- Container's working directory.
- If not specified, the container runtime's default will be used, which
- might be configured in the container image.
- Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- initContainers:
- description: InitContainers
- items:
- description: A single application container that you want
- to run within a pod.
- properties:
- args:
- description: |-
- Arguments to the entrypoint.
- The container image's CMD is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- command:
- description: |-
- Entrypoint array. Not executed within a shell.
- The container image's ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- env:
- description: |-
- List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable
- present in a Container.
- properties:
- name:
- description: Name of the environment variable.
- Must be a C_IDENTIFIER.
- type: string
- value:
- description: |-
- Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in the container and
- any service environment variables. If a variable cannot be resolved,
- the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
- "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether the variable
- exists or not.
- Defaults to "".
- type: string
- valueFrom:
- description: Source for the environment variable's
- value. Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: |-
- Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
- spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in
- the pod's namespace
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: |-
- List of sources to populate environment variables in the container.
- The keys defined within a source must be a C_IDENTIFIER. All invalid keys
- will be reported as an event when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take precedence.
- Values defined by an Env with a duplicate key will take precedence.
- Cannot be updated.
- items:
- description: EnvFromSource represents the source of
- a set of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend
- to each key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret must
- be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: |-
- Container image name.
- More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management to default or override
- container images in workload controllers like Deployments and StatefulSets.
- type: string
- imagePullPolicy:
- description: |-
- Image pull policy.
- One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- type: string
- lifecycle:
- description: |-
- Actions that the management system should take in response to container lifecycle events.
- Cannot be updated.
- properties:
- postStart:
- description: |-
- PostStart is called immediately after a container is created. If the handler fails,
- the container is terminated and restarted according to its restart policy.
- Other management of the container blocks until the hook completes.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration that
- the container should sleep before being terminated.
- properties:
- seconds:
- description: Seconds is the number of seconds
- to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: |-
- PreStop is called immediately before a container is terminated due to an
- API request or management event such as liveness/startup probe failure,
- preemption, resource contention, etc. The handler is not called if the
- container crashes or exits. The Pod's termination grace period countdown begins before the
- PreStop hook is executed. Regardless of the outcome of the handler, the
- container will eventually terminate within the Pod's termination grace
- period (unless delayed by finalizers). Other management of the container blocks until the hook completes
- or until the termination grace period is reached.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration that
- the container should sleep before being terminated.
- properties:
- seconds:
- description: Seconds is the number of seconds
- to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: |-
- Periodic probe of container liveness.
- Container will be restarted if the probe fails.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- name:
- description: |-
- Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: |-
- List of ports to expose from the container. Not specifying a port here
- DOES NOT prevent that port from being exposed. Any port which is
- listening on the default "0.0.0.0" address inside a container will be
- accessible from the network.
- Modifying this array with strategic merge patch may corrupt the data.
- For more information See https://github.com/kubernetes/kubernetes/issues/108255.
- Cannot be updated.
- items:
- description: ContainerPort represents a network port
- in a single container.
- properties:
- containerPort:
- description: |-
- Number of port to expose on the pod's IP address.
- This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external
- port to.
- type: string
- hostPort:
- description: |-
- Number of port to expose on the host.
- If specified, this must be a valid port number, 0 < x < 65536.
- If HostNetwork is specified, this must match ContainerPort.
- Most containers do not need this.
- format: int32
- type: integer
- name:
- description: |-
- If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
- named port in a pod must have a unique name. Name for the port that can be
- referred to by services.
- type: string
- protocol:
- default: TCP
- description: |-
- Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: |-
- Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe fails.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- resizePolicy:
- description: Resources resize policy for the container.
- items:
- description: ContainerResizePolicy represents resource
- resize policy for the container.
- properties:
- resourceName:
- description: |-
- Name of the resource to which this resource resize policy applies.
- Supported values: cpu, memory.
- type: string
- restartPolicy:
- description: |-
- Restart policy to apply when specified resource is resized.
- If not specified, it defaults to NotRequired.
- type: string
- required:
- - resourceName
- - restartPolicy
- type: object
- type: array
- x-kubernetes-list-type: atomic
- resources:
- description: |-
- Compute Resources required by this container.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- properties:
- claims:
- description: |-
- Claims lists the names of resources, defined in spec.resourceClaims,
- that are used by this container.
-
-
- This is an alpha field and requires enabling the
- DynamicResourceAllocation feature gate.
-
-
- This field is immutable. It can only be set for containers.
- items:
- description: ResourceClaim references one entry
- in PodSpec.ResourceClaims.
- properties:
- name:
- description: |-
- Name must match the name of one entry in pod.spec.resourceClaims of
- the Pod where this field is used. It makes that resource available
- inside a container.
- type: string
- required:
- - name
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - name
- x-kubernetes-list-type: map
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Limits describes the maximum amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Requests describes the minimum amount of compute resources required.
- If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. Requests cannot exceed Limits.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- type: object
- restartPolicy:
- description: |-
- RestartPolicy defines the restart behavior of individual containers in a pod.
- This field may only be set for init containers, and the only allowed value is "Always".
- For non-init containers or when this field is not specified,
- the restart behavior is defined by the Pod's restart policy and the container type.
- Setting the RestartPolicy as "Always" for the init container will have the following effect:
- this init container will be continually restarted on
- exit until all regular containers have terminated. Once all regular
- containers have completed, all init containers with restartPolicy "Always"
- will be shut down. This lifecycle differs from normal init containers and
- is often referred to as a "sidecar" container. Although this init
- container still starts in the init container sequence, it does not wait
- for the container to complete before proceeding to the next init
- container. Instead, the next init container starts immediately after this
- init container is started, or after any startupProbe has successfully
- completed.
- type: string
- securityContext:
- description: |-
- SecurityContext defines the security options the container should be run with.
- If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
- More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
- properties:
- allowPrivilegeEscalation:
- description: |-
- AllowPrivilegeEscalation controls whether a process can gain more
- privileges than its parent process. This bool directly controls if
- the no_new_privs flag will be set on the container process.
- AllowPrivilegeEscalation is true always when the container is:
- 1) run as Privileged
- 2) has CAP_SYS_ADMIN
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- capabilities:
- description: |-
- The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by the container runtime.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: |-
- Run container in privileged mode.
- Processes in privileged containers are essentially equivalent to root on the host.
- Defaults to false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: |-
- procMount denotes the type of proc mount to use for the containers.
- The default is DefaultProcMount which uses the container runtime defaults for
- readonly paths and masked paths.
- This requires the ProcMountType feature flag to be enabled.
- Note that this field cannot be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: |-
- Whether this container has a read-only root filesystem.
- Default is false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: |-
- The GID to run the entrypoint of the container process.
- Uses runtime default if unset.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: |-
- Indicates that the container must run as a non-root user.
- If true, the Kubelet will validate the image at runtime to ensure that it
- does not run as UID 0 (root) and fail to start the container if it does.
- If unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: |-
- The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: |-
- The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a random SELinux context for each
- container. May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that
- applies to the container.
- type: string
- role:
- description: Role is a SELinux role label that
- applies to the container.
- type: string
- type:
- description: Type is a SELinux type label that
- applies to the container.
- type: string
- user:
- description: User is a SELinux user label that
- applies to the container.
- type: string
- type: object
- seccompProfile:
- description: |-
- The seccomp options to use by this container. If seccomp options are
- provided at both the pod & container level, the container options
- override the pod options.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- localhostProfile:
- description: |-
- localhostProfile indicates a profile defined in a file on the node should be used.
- The profile must be preconfigured on the node to work.
- Must be a descending path, relative to the kubelet's configured seccomp profile location.
- Must be set if type is "Localhost". Must NOT be set for any other type.
- type: string
- type:
- description: |-
- type indicates which kind of seccomp profile will be applied.
- Valid options are:
-
-
- Localhost - a profile defined in a file on the node should be used.
- RuntimeDefault - the container runtime default profile should be used.
- Unconfined - no profile should be applied.
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: |-
- The Windows specific settings applied to all containers.
- If unspecified, the options from the PodSecurityContext will be used.
- If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: |-
- GMSACredentialSpec is where the GMSA admission webhook
- (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- GMSA credential spec named by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name
- of the GMSA credential spec to use.
- type: string
- hostProcess:
- description: |-
- HostProcess determines if a container should be run as a 'Host Process' container.
- All of a Pod's containers must have the same effective HostProcess value
- (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
- In addition, if HostProcess is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: |-
- The UserName in Windows to run the entrypoint of the container process.
- Defaults to the user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: |-
- StartupProbe indicates that the Pod has successfully initialized.
- If specified, no other probes are executed until this completes successfully.
- If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
- This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
- when it might take a long time to load data or warm a cache, than during steady-state operation.
- This cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- stdin:
- description: |-
- Whether this container should allocate a buffer for stdin in the container runtime. If this
- is not set, reads from stdin in the container will always result in EOF.
- Default is false.
- type: boolean
- stdinOnce:
- description: |-
- Whether the container runtime should close the stdin channel after it has been opened by
- a single attach. When stdin is true the stdin stream will remain open across multiple attach
- sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
- first client attaches to stdin, and then remains open and accepts data until the client disconnects,
- at which time stdin is closed and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin will never receive an EOF.
- Default is false
- type: boolean
- terminationMessagePath:
- description: |-
- Optional: Path at which the file to which the container's termination message
- will be written is mounted into the container's filesystem.
- Message written is intended to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes. The total message length across
- all containers will be limited to 12kb.
- Defaults to /dev/termination-log.
- Cannot be updated.
- type: string
- terminationMessagePolicy:
- description: |-
- Indicate how the termination message should be populated. File will use the contents of
- terminationMessagePath to populate the container status message on both success and failure.
- FallbackToLogsOnError will use the last chunk of container log output if the termination
- message file is empty and the container exited with an error.
- The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
- Defaults to File.
- Cannot be updated.
- type: string
- tty:
- description: |-
- Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
- Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices
- to be used by the container.
- items:
- description: volumeDevice describes a mapping of a
- raw block device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of
- the container that the device will be mapped
- to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: |-
- Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a
- Volume within a container.
- properties:
- mountPath:
- description: |-
- Path within the container at which the volume should be mounted. Must
- not contain ':'.
- type: string
- mountPropagation:
- description: |-
- mountPropagation determines how mounts are propagated from the host
- to container and the other way around.
- When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: |-
- Mounted read-only if true, read-write otherwise (false or unspecified).
- Defaults to false.
- type: boolean
- subPath:
- description: |-
- Path within the volume from which the container's volume should be mounted.
- Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: |-
- Expanded path within the volume from which the container's volume should be mounted.
- Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
- Defaults to "" (volume's root).
- SubPathExpr and SubPath are mutually exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: |-
- Container's working directory.
- If not specified, the container runtime's default will be used, which
- might be configured in the container image.
- Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector
- type: object
- restartPolicy:
- description: RestartPolicy
- type: string
- securityContext:
- description: PodSecurityContext
- properties:
- fsGroup:
- description: |-
- A special supplemental group that applies to all containers in a pod.
- Some volume types allow the Kubelet to change the ownership of that volume
- to be owned by the pod:
-
-
- 1. The owning GID will be the FSGroup
- 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
- 3. The permission bits are OR'd with rw-rw----
-
-
- If unset, the Kubelet will not modify the ownership and permissions of any volume.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- fsGroupChangePolicy:
- description: |-
- fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
- before being exposed inside Pod. This field will only apply to
- volume types which support fsGroup based ownership(and permissions).
- It will have no effect on ephemeral volume types such as: secret, configmaps
- and emptydir.
- Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
- Note that this field cannot be set when spec.os.name is windows.
- type: string
- runAsGroup:
- description: |-
- The GID to run the entrypoint of the container process.
- Uses runtime default if unset.
- May also be set in SecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence
- for that container.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: |-
- Indicates that the container must run as a non-root user.
- If true, the Kubelet will validate the image at runtime to ensure that it
- does not run as UID 0 (root) and fail to start the container if it does.
- If unset or false, no such validation will be performed.
- May also be set in SecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: |-
- The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in SecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence
- for that container.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: |-
- The SELinux context to be applied to all containers.
- If unspecified, the container runtime will allocate a random SELinux context for each
- container. May also be set in SecurityContext. If set in
- both SecurityContext and PodSecurityContext, the value specified in SecurityContext
- takes precedence for that container.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies
- to the container.
- type: string
- role:
- description: Role is a SELinux role label that applies
- to the container.
- type: string
- type:
- description: Type is a SELinux type label that applies
- to the container.
- type: string
- user:
- description: User is a SELinux user label that applies
- to the container.
- type: string
- type: object
- seccompProfile:
- description: |-
- The seccomp options to use by the containers in this pod.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- localhostProfile:
- description: |-
- localhostProfile indicates a profile defined in a file on the node should be used.
- The profile must be preconfigured on the node to work.
- Must be a descending path, relative to the kubelet's configured seccomp profile location.
- Must be set if type is "Localhost". Must NOT be set for any other type.
- type: string
- type:
- description: |-
- type indicates which kind of seccomp profile will be applied.
- Valid options are:
-
-
- Localhost - a profile defined in a file on the node should be used.
- RuntimeDefault - the container runtime default profile should be used.
- Unconfined - no profile should be applied.
- type: string
- required:
- - type
- type: object
- supplementalGroups:
- description: |-
- A list of groups applied to the first process run in each container, in addition
- to the container's primary GID, the fsGroup (if specified), and group memberships
- defined in the container image for the uid of the container process. If unspecified,
- no additional groups are added to any container. Note that group memberships
- defined in the container image for the uid of the container process are still effective,
- even if they are not included in this list.
- Note that this field cannot be set when spec.os.name is windows.
- items:
- format: int64
- type: integer
- type: array
- sysctls:
- description: |-
- Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
- sysctls (by the container runtime) might fail to launch.
- Note that this field cannot be set when spec.os.name is windows.
- items:
- description: Sysctl defines a kernel parameter to be
- set
- properties:
- name:
- description: Name of a property to set
- type: string
- value:
- description: Value of a property to set
- type: string
- required:
- - name
- - value
- type: object
- type: array
- windowsOptions:
- description: |-
- The Windows specific settings applied to all containers.
- If unspecified, the options within a container's SecurityContext will be used.
- If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: |-
- GMSACredentialSpec is where the GMSA admission webhook
- (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- GMSA credential spec named by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of
- the GMSA credential spec to use.
- type: string
- hostProcess:
- description: |-
- HostProcess determines if a container should be run as a 'Host Process' container.
- All of a Pod's containers must have the same effective HostProcess value
- (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
- In addition, if HostProcess is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: |-
- The UserName in Windows to run the entrypoint of the container process.
- Defaults to the user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- terminationGracePeriodSeconds:
- description: TerminationGracePeriodSeconds
- format: int64
- type: integer
- topologySpreadConstraints:
- description: TopologySpreadConstraints
- items:
- description: TopologySpreadConstraint specifies how to spread
- matching pods among the given topology.
- properties:
- labelSelector:
- description: |-
- LabelSelector is used to find matching pods.
- Pods that match this label selector are counted to determine the number of pods
- in their corresponding topology domain.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: |-
- A label selector requirement is a selector that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: |-
- operator represents a key's relationship to a set of values.
- Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: |-
- values is an array of string values. If the operator is In or NotIn,
- the values array must be non-empty. If the operator is Exists or DoesNotExist,
- the values array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- matchLabelKeys:
- description: |-
- MatchLabelKeys is a set of pod label keys to select the pods over which
- spreading will be calculated. The keys are used to lookup values from the
- incoming pod labels, those key-value labels are ANDed with labelSelector
- to select the group of existing pods over which spreading will be calculated
- for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
- MatchLabelKeys cannot be set when LabelSelector isn't set.
- Keys that don't exist in the incoming pod labels will
- be ignored. A null or empty list means only match against labelSelector.
-
-
- This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
- items:
- type: string
- type: array
- x-kubernetes-list-type: atomic
- maxSkew:
- description: |-
- MaxSkew describes the degree to which pods may be unevenly distributed.
- When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
- between the number of matching pods in the target topology and the global minimum.
- The global minimum is the minimum number of matching pods in an eligible domain
- or zero if the number of eligible domains is less than MinDomains.
- For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
- labelSelector spread as 2/2/1:
- In this case, the global minimum is 1.
- | zone1 | zone2 | zone3 |
- | P P | P P | P |
- - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
- scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
- violate MaxSkew(1).
- - if MaxSkew is 2, incoming pod can be scheduled onto any zone.
- When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
- to topologies that satisfy it.
- It's a required field. Default value is 1 and 0 is not allowed.
- format: int32
- type: integer
- minDomains:
- description: |-
- MinDomains indicates a minimum number of eligible domains.
- When the number of eligible domains with matching topology keys is less than minDomains,
- Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
- And when the number of eligible domains with matching topology keys equals or greater than minDomains,
- this value has no effect on scheduling.
- As a result, when the number of eligible domains is less than minDomains,
- scheduler won't schedule more than maxSkew Pods to those domains.
- If value is nil, the constraint behaves as if MinDomains is equal to 1.
- Valid values are integers greater than 0.
- When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
-
-
- For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
- labelSelector spread as 2/2/2:
- | zone1 | zone2 | zone3 |
- | P P | P P | P P |
- The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
- In this situation, new pod with the same labelSelector cannot be scheduled,
- because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
- it will violate MaxSkew.
-
-
- This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
- format: int32
- type: integer
- nodeAffinityPolicy:
- description: |-
- NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
- when calculating pod topology spread skew. Options are:
- - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
- - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
-
-
- If this value is nil, the behavior is equivalent to the Honor policy.
- This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- type: string
- nodeTaintsPolicy:
- description: |-
- NodeTaintsPolicy indicates how we will treat node taints when calculating
- pod topology spread skew. Options are:
- - Honor: nodes without taints, along with tainted nodes for which the incoming pod
- has a toleration, are included.
- - Ignore: node taints are ignored. All nodes are included.
-
-
- If this value is nil, the behavior is equivalent to the Ignore policy.
- This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- type: string
- topologyKey:
- description: |-
- TopologyKey is the key of node labels. Nodes that have a label with this key
- and identical values are considered to be in the same topology.
- We consider each as a "bucket", and try to put balanced number
- of pods into each bucket.
- We define a domain as a particular instance of a topology.
- Also, we define an eligible domain as a domain whose nodes meet the requirements of
- nodeAffinityPolicy and nodeTaintsPolicy.
- e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
- And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
- It's a required field.
- type: string
- whenUnsatisfiable:
- description: |-
- WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
- the spread constraint.
- - DoNotSchedule (default) tells the scheduler not to schedule it.
- - ScheduleAnyway tells the scheduler to schedule the pod in any location,
- but giving higher precedence to topologies that would help reduce the
- skew.
- A constraint is considered "Unsatisfiable" for an incoming pod
- if and only if every possible node assignment for that pod would violate
- "MaxSkew" on some topology.
- For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
- labelSelector spread as 3/1/1:
- | zone1 | zone2 | zone3 |
- | P P P | P | P |
- If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
- to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
- MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
- won't make it *more* imbalanced.
- It's a required field.
- type: string
- required:
- - maxSkew
- - topologyKey
- - whenUnsatisfiable
- type: object
- type: array
- volumes:
- description: Volumes
- items:
- description: Volume represents a named volume in a pod that
- may be accessed by any container in the pod.
- properties:
- awsElasticBlockStore:
- description: |-
- awsElasticBlockStore represents an AWS Disk resource that is attached to a
- kubelet's host machine and then exposed to the pod.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- properties:
- fsType:
- description: |-
- fsType is the filesystem type of the volume that you want to mount.
- Tip: Ensure that the filesystem type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- partition:
- description: |-
- partition is the partition in the volume that you want to mount.
- If omitted, the default is to mount by volume name.
- Examples: For volume /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
- format: int32
- type: integer
- readOnly:
- description: |-
- readOnly value true will force the readOnly setting in VolumeMounts.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- type: boolean
- volumeID:
- description: |-
- volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: azureDisk represents an Azure Data Disk
- mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'cachingMode is the Host Caching mode:
- None, Read Only, Read Write.'
- type: string
- diskName:
- description: diskName is the Name of the data disk
- in the blob storage
- type: string
- diskURI:
- description: diskURI is the URI of data disk in
- the blob storage
- type: string
- fsType:
- description: |-
- fsType is Filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'kind expected values are Shared: multiple
- blob disks per storage account Dedicated: single
- blob disk per storage account Managed: azure
- managed data disk (only in managed availability
- set). defaults to shared'
- type: string
- readOnly:
- description: |-
- readOnly Defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: azureFile represents an Azure File Service
- mount on the host and bind mount to the pod.
- properties:
- readOnly:
- description: |-
- readOnly defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: secretName is the name of secret that
- contains Azure Storage Account Name and Key
- type: string
- shareName:
- description: shareName is the azure share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: cephFS represents a Ceph FS mount on the
- host that shares a pod's lifetime
- properties:
- monitors:
- description: |-
- monitors is Required: Monitors is a collection of Ceph monitors
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- items:
- type: string
- type: array
- path:
- description: 'path is Optional: Used as the mounted
- root, rather than the full Ceph tree, default
- is /'
- type: string
- readOnly:
- description: |-
- readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- type: boolean
- secretFile:
- description: |-
- secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- type: string
- secretRef:
- description: |-
- secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: |-
- user is optional: User is the rados user name, default is admin
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: |-
- cinder represents a cinder volume attached and mounted on kubelets host machine.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- type: string
- readOnly:
- description: |-
- readOnly defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- type: boolean
- secretRef:
- description: |-
- secretRef is optional: points to a secret object containing parameters used to connect
- to OpenStack.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: |-
- volumeID used to identify the volume in cinder.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: configMap represents a configMap that should
- populate this volume
- properties:
- defaultMode:
- description: |-
- defaultMode is optional: mode bits used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- Defaults to 0644.
- Directories within the path are not affected by this setting.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- items:
- description: |-
- items if unspecified, each key-value pair in the Data field of the referenced
- ConfigMap will be projected into the volume as a file whose name is the
- key and content is the value. If specified, the listed keys will be
- projected into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked optional. Paths must be
- relative and may not contain the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: |-
- mode is Optional: mode bits used to set permissions on this file.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: |-
- path is the relative path of the file to map the key to.
- May not be an absolute path.
- May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: optional specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: csi (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: |-
- driver is the name of the CSI driver that handles this volume.
- Consult with your admin for the correct name as registered in the cluster.
- type: string
- fsType:
- description: |-
- fsType to mount. Ex. "ext4", "xfs", "ntfs".
- If not provided, the empty value is passed to the associated CSI driver
- which will determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: |-
- nodePublishSecretRef is a reference to the secret object containing
- sensitive information to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if no secret is required. If the
- secret object contains more than one secret, all secret references are passed.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: |-
- readOnly specifies a read-only configuration for the volume.
- Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: |-
- volumeAttributes stores driver-specific properties that are passed to the CSI
- driver. Consult your driver's documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: downwardAPI represents downward API about
- the pod that should populate this volume
- properties:
- defaultMode:
- description: |-
- Optional: mode bits to use on created files by default. Must be a
- Optional: mode bits used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- Defaults to 0644.
- Directories within the path are not affected by this setting.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing the
- pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of
- the pod: only annotations, labels, name
- and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of, defaults
- to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: |-
- Optional: mode bits used to set permissions on this file, must be an octal value
- between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..'' path.
- Must be utf-8 encoded. The first item of
- the relative path must not start with ''..'''
- type: string
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: |-
- emptyDir represents a temporary directory that shares a pod's lifetime.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
- properties:
- medium:
- description: |-
- medium represents what type of storage medium should back this directory.
- The default is "" which means to use the node's default medium.
- Must be an empty string (default) or Memory.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: |-
- sizeLimit is the total amount of local storage required for this EmptyDir volume.
- The size limit is also applicable for memory medium.
- The maximum usage on memory medium EmptyDir would be the minimum value between
- the SizeLimit specified here and the sum of memory limits of all containers in a pod.
- The default is nil which means that the limit is undefined.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: |-
- ephemeral represents a volume that is handled by a cluster storage driver.
- The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
- and deleted when the pod is removed.
-
-
- Use this if:
- a) the volume is only needed while the pod runs,
- b) features of normal volumes like restoring from snapshot or capacity
- tracking are needed,
- c) the storage driver is specified through a storage class, and
- d) the storage driver supports dynamic volume provisioning through
- a PersistentVolumeClaim (see EphemeralVolumeSource for more
- information on the connection between this volume type
- and PersistentVolumeClaim).
-
-
- Use PersistentVolumeClaim or one of the vendor-specific
- APIs for volumes that persist for longer than the lifecycle
- of an individual pod.
-
-
- Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
- be used that way - see the documentation of the driver for
- more information.
-
-
- A pod can use both types of ephemeral volumes and
- persistent volumes at the same time.
- properties:
- volumeClaimTemplate:
- description: |-
- Will be used to create a stand-alone PVC to provision the volume.
- The pod in which this EphemeralVolumeSource is embedded will be the
- owner of the PVC, i.e. the PVC will be deleted together with the
- pod. The name of the PVC will be `-` where
- `` is the name from the `PodSpec.Volumes` array
- entry. Pod validation will reject the pod if the concatenated name
- is not valid for a PVC (for example, too long).
-
-
- An existing PVC with that name that is not owned by the pod
- will *not* be used for the pod to avoid using an unrelated
- volume by mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created PVC is
- meant to be used by the pod, the PVC has to updated with an
- owner reference to the pod once the pod exists. Normally
- this should not be necessary, but it may be useful when
- manually reconstructing a broken cluster.
-
-
- This field is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created.
-
-
- Required, must not be nil.
- properties:
- metadata:
- description: |-
- May contain labels and annotations that will be copied into the PVC
- when creating it. No other fields are allowed and will be rejected during
- validation.
- type: object
- spec:
- description: |-
- The specification for the PersistentVolumeClaim. The entire content is
- copied unchanged into the PVC that gets created from this
- template. The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: |-
- accessModes contains the desired access modes the volume should have.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
- items:
- type: string
- type: array
- dataSource:
- description: |-
- dataSource field can be used to specify either:
- * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller can support the specified data source,
- it will create a new volume based on the contents of the specified data source.
- When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
- and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
- If the namespace is specified, then dataSourceRef will not be copied to dataSource.
- properties:
- apiGroup:
- description: |-
- APIGroup is the group for the resource being referenced.
- If APIGroup is not specified, the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: |-
- dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
- volume is desired. This may be any object from a non-empty API group (non
- core object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding will only succeed if the type of
- the specified object matches some installed volume populator or dynamic
- provisioner.
- This field will replace the functionality of the dataSource field and as such
- if both fields are non-empty, they must have the same value. For backwards
- compatibility, when namespace isn't specified in dataSourceRef,
- both fields (dataSource and dataSourceRef) will be set to the same
- value automatically if one of them is empty and the other is non-empty.
- When namespace is specified in dataSourceRef,
- dataSource isn't set to the same value and must be empty.
- There are three important differences between dataSource and dataSourceRef:
- * While dataSource only allows two specific types of objects, dataSourceRef
- allows any non-core object, as well as PersistentVolumeClaim objects.
- * While dataSource ignores disallowed values (dropping them), dataSourceRef
- preserves all values, and generates an error if a disallowed value is
- specified.
- * While dataSource only allows local objects, dataSourceRef allows objects
- in any namespaces.
- (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
- (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
- properties:
- apiGroup:
- description: |-
- APIGroup is the group for the resource being referenced.
- If APIGroup is not specified, the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource
- being referenced
- type: string
- name:
- description: Name is the name of resource
- being referenced
- type: string
- namespace:
- description: |-
- Namespace is the namespace of resource being referenced
- Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
- (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
- type: string
- required:
- - kind
- - name
- type: object
- resources:
- description: |-
- resources represents the minimum resources the volume should have.
- If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
- that are lower than previous value but must still be higher than capacity recorded in the
- status field of the claim.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Limits describes the maximum amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Requests describes the minimum amount of compute resources required.
- If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. Requests cannot exceed Limits.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- type: object
- selector:
- description: selector is a label query over
- volumes to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list
- of label selector requirements. The
- requirements are ANDed.
- items:
- description: |-
- A label selector requirement is a selector that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: |-
- operator represents a key's relationship to a set of values.
- Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: |-
- values is an array of string values. If the operator is In or NotIn,
- the values array must be non-empty. If the operator is Exists or DoesNotExist,
- the values array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: |-
- storageClassName is the name of the StorageClass required by the claim.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
- type: string
- volumeAttributesClassName:
- description: |-
- volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
- If specified, the CSI driver will create or update the volume with the attributes defined
- in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
- it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
- will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
- If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
- will be set by the persistentvolume controller if it exists.
- If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
- set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
- exists.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
- (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
- type: string
- volumeMode:
- description: |-
- volumeMode defines what type of volume is required by the claim.
- Value of Filesystem is implied when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: fc represents a Fibre Channel resource
- that is attached to a kubelet's host machine and then
- exposed to the pod.
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- lun:
- description: 'lun is Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: |-
- readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- targetWWNs:
- description: 'targetWWNs is Optional: FC target
- worldwide names (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: |-
- wwids Optional: FC volume world wide identifiers (wwids)
- Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: |-
- flexVolume represents a generic volume resource that is
- provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: driver is the name of the driver to
- use for this volume.
- type: string
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'options is Optional: this field holds
- extra command options if any.'
- type: object
- readOnly:
- description: |-
- readOnly is Optional: defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: |-
- secretRef is Optional: secretRef is reference to the secret object containing
- sensitive information to pass to the plugin scripts. This may be
- empty if no secret object is specified. If the secret object
- contains more than one secret, all secrets are passed to the plugin
- scripts.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: flocker represents a Flocker volume attached
- to a kubelet's host machine. This depends on the Flocker
- control service being running
- properties:
- datasetName:
- description: |-
- datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
- should be considered as deprecated
- type: string
- datasetUUID:
- description: datasetUUID is the UUID of the dataset.
- This is unique identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: |-
- gcePersistentDisk represents a GCE Disk resource that is attached to a
- kubelet's host machine and then exposed to the pod.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- properties:
- fsType:
- description: |-
- fsType is filesystem type of the volume that you want to mount.
- Tip: Ensure that the filesystem type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- partition:
- description: |-
- partition is the partition in the volume that you want to mount.
- If omitted, the default is to mount by volume name.
- Examples: For volume /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- format: int32
- type: integer
- pdName:
- description: |-
- pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- type: string
- readOnly:
- description: |-
- readOnly here will force the ReadOnly setting in VolumeMounts.
- Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: |-
- gitRepo represents a git repository at a particular revision.
- DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
- EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
- into the Pod's container.
- properties:
- directory:
- description: |-
- directory is the target directory name.
- Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
- git repository. Otherwise, if specified, the volume will contain the git repository in
- the subdirectory with the given name.
- type: string
- repository:
- description: repository is the URL
- type: string
- revision:
- description: revision is the commit hash for the
- specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: |-
- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md
- properties:
- endpoints:
- description: |-
- endpoints is the endpoint name that details Glusterfs topology.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- type: string
- path:
- description: |-
- path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- type: string
- readOnly:
- description: |-
- readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
- Defaults to false.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: |-
- hostPath represents a pre-existing file or directory on the host
- machine that is directly exposed to the container. This is generally
- used for system agents or other privileged things that are allowed
- to see the host machine. Most containers will NOT need this.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- ---
- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
- mount host directories as read/write.
- properties:
- path:
- description: |-
- path of the directory on the host.
- If the path is a symlink, it will follow the link to the real path.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- type: string
- type:
- description: |-
- type for HostPath Volume
- Defaults to ""
- More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- type: string
- required:
- - path
- type: object
- iscsi:
- description: |-
- iscsi represents an ISCSI Disk resource that is attached to a
- kubelet's host machine and then exposed to the pod.
- More info: https://examples.k8s.io/volumes/iscsi/README.md
- properties:
- chapAuthDiscovery:
- description: chapAuthDiscovery defines whether support
- iSCSI Discovery CHAP authentication
- type: boolean
- chapAuthSession:
- description: chapAuthSession defines whether support
- iSCSI Session CHAP authentication
- type: boolean
- fsType:
- description: |-
- fsType is the filesystem type of the volume that you want to mount.
- Tip: Ensure that the filesystem type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- initiatorName:
- description: |-
- initiatorName is the custom iSCSI Initiator Name.
- If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
- : will be created for the connection.
- type: string
- iqn:
- description: iqn is the target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: |-
- iscsiInterface is the interface Name that uses an iSCSI transport.
- Defaults to 'default' (tcp).
- type: string
- lun:
- description: lun represents iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: |-
- portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: |-
- readOnly here will force the ReadOnly setting in VolumeMounts.
- Defaults to false.
- type: boolean
- secretRef:
- description: secretRef is the CHAP Secret for iSCSI
- target and initiator authentication
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: |-
- targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- name:
- description: |-
- name of the volume.
- Must be a DNS_LABEL and unique within the pod.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- type: string
- nfs:
- description: |-
- nfs represents an NFS mount on the host that shares a pod's lifetime
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- properties:
- path:
- description: |-
- path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- type: string
- readOnly:
- description: |-
- readOnly here will force the NFS export to be mounted with read-only permissions.
- Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- type: boolean
- server:
- description: |-
- server is the hostname or IP address of the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: |-
- persistentVolumeClaimVolumeSource represents a reference to a
- PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- properties:
- claimName:
- description: |-
- claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- type: string
- readOnly:
- description: |-
- readOnly Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: photonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host
- machine
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: pdID is the ID that identifies Photon
- Controller persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: portworxVolume represents a portworx volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: |-
- fSType represents the filesystem type to mount
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: |-
- readOnly defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: volumeID uniquely identifies a Portworx
- volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: projected items for all in one resources
- secrets, configmaps, and downward API
- properties:
- defaultMode:
- description: |-
- defaultMode are the mode bits used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- Directories within the path are not affected by this setting.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: sources is the list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- clusterTrustBundle:
- description: |-
- ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
- of ClusterTrustBundle objects in an auto-updating file.
-
-
- Alpha, gated by the ClusterTrustBundleProjection feature gate.
-
-
- ClusterTrustBundle objects can either be selected by name, or by the
- combination of signer name and a label selector.
-
-
- Kubelet performs aggressive normalization of the PEM contents written
- into the pod filesystem. Esoteric PEM features such as inter-block
- comments and block headers are stripped. Certificates are deduplicated.
- The ordering of certificates within the file is arbitrary, and Kubelet
- may change the order over time.
- properties:
- labelSelector:
- description: |-
- Select all ClusterTrustBundles that match this label selector. Only has
- effect if signerName is set. Mutually-exclusive with name. If unset,
- interpreted as "match nothing". If set but empty, interpreted as "match
- everything".
- properties:
- matchExpressions:
- description: matchExpressions is a
- list of label selector requirements.
- The requirements are ANDed.
- items:
- description: |-
- A label selector requirement is a selector that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: |-
- operator represents a key's relationship to a set of values.
- Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: |-
- values is an array of string values. If the operator is In or NotIn,
- the values array must be non-empty. If the operator is Exists or DoesNotExist,
- the values array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- name:
- description: |-
- Select a single ClusterTrustBundle by object name. Mutually-exclusive
- with signerName and labelSelector.
- type: string
- optional:
- description: |-
- If true, don't block pod startup if the referenced ClusterTrustBundle(s)
- aren't available. If using name, then the named ClusterTrustBundle is
- allowed not to exist. If using signerName, then the combination of
- signerName and labelSelector is allowed to match zero
- ClusterTrustBundles.
- type: boolean
- path:
- description: Relative path from the volume
- root to write the bundle.
- type: string
- signerName:
- description: |-
- Select all ClusterTrustBundles that match this signer name.
- Mutually-exclusive with name. The contents of all selected
- ClusterTrustBundles will be unified and deduplicated.
- type: string
- required:
- - path
- type: object
- configMap:
- description: configMap information about the
- configMap data to project
- properties:
- items:
- description: |-
- items if unspecified, each key-value pair in the Data field of the referenced
- ConfigMap will be projected into the volume as a file whose name is the
- key and content is the value. If specified, the listed keys will be
- projected into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked optional. Paths must be
- relative and may not contain the '..' path or start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: |-
- mode is Optional: mode bits used to set permissions on this file.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: |-
- path is the relative path of the file to map the key to.
- May not be an absolute path.
- May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: optional specify whether
- the ConfigMap or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: downwardAPI information about
- the downwardAPI data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the
- schema the FieldPath is written
- in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field
- to select in the specified
- API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: |-
- Optional: mode bits used to set permissions on this file, must be an octal value
- between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: 'Required: Path is the
- relative path name of the file
- to be created. Must not be absolute
- or contain the ''..'' path. Must
- be utf-8 encoded. The first item
- of the relative path must not
- start with ''..'''
- type: string
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
- properties:
- containerName:
- description: 'Container name:
- required for volumes, optional
- for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource
- to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: secret information about the
- secret data to project
- properties:
- items:
- description: |-
- items if unspecified, each key-value pair in the Data field of the referenced
- Secret will be projected into the volume as a file whose name is the
- key and content is the value. If specified, the listed keys will be
- projected into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked optional. Paths must be
- relative and may not contain the '..' path or start with '..'.
- items:
- description: Maps a string key to a
- path within a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: |-
- mode is Optional: mode bits used to set permissions on this file.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: |-
- path is the relative path of the file to map the key to.
- May not be an absolute path.
- May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: optional field specify whether
- the Secret or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: serviceAccountToken is information
- about the serviceAccountToken data to project
- properties:
- audience:
- description: |-
- audience is the intended audience of the token. A recipient of a token
- must identify itself with an identifier specified in the audience of the
- token, and otherwise should reject the token. The audience defaults to the
- identifier of the apiserver.
- type: string
- expirationSeconds:
- description: |-
- expirationSeconds is the requested duration of validity of the service
- account token. As the token approaches expiration, the kubelet volume
- plugin will proactively rotate the service account token. The kubelet will
- start trying to rotate the token if the token is older than 80 percent of
- its time to live or if the token is older than 24 hours.Defaults to 1 hour
- and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: |-
- path is the path relative to the mount point of the file to project the
- token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: quobyte represents a Quobyte mount on the
- host that shares a pod's lifetime
- properties:
- group:
- description: |-
- group to map volume access to
- Default is no group
- type: string
- readOnly:
- description: |-
- readOnly here will force the Quobyte volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: |-
- registry represents a single or multiple Quobyte Registry services
- specified as a string as host:port pair (multiple entries are separated with commas)
- which acts as the central registry for volumes
- type: string
- tenant:
- description: |-
- tenant owning the given Quobyte volume in the Backend
- Used with dynamically provisioned Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: |-
- user to map volume access to
- Defaults to serivceaccount user
- type: string
- volume:
- description: volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: |-
- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
- More info: https://examples.k8s.io/volumes/rbd/README.md
- properties:
- fsType:
- description: |-
- fsType is the filesystem type of the volume that you want to mount.
- Tip: Ensure that the filesystem type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- image:
- description: |-
- image is the rados image name.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: string
- keyring:
- description: |-
- keyring is the path to key ring for RBDUser.
- Default is /etc/ceph/keyring.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: string
- monitors:
- description: |-
- monitors is a collection of Ceph monitors.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- items:
- type: string
- type: array
- pool:
- description: |-
- pool is the rados pool name.
- Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: string
- readOnly:
- description: |-
- readOnly here will force the ReadOnly setting in VolumeMounts.
- Defaults to false.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: boolean
- secretRef:
- description: |-
- secretRef is name of the authentication secret for RBDUser. If provided
- overrides keyring.
- Default is nil.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: |-
- user is the rados user name.
- Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: scaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs".
- Default is "xfs".
- type: string
- gateway:
- description: gateway is the host address of the
- ScaleIO API Gateway.
- type: string
- protectionDomain:
- description: protectionDomain is the name of the
- ScaleIO Protection Domain for the configured storage.
- type: string
- readOnly:
- description: |-
- readOnly Defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: |-
- secretRef references to the secret for ScaleIO user and other
- sensitive information. If this is not provided, Login operation will fail.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: sslEnabled Flag enable/disable SSL
- communication with Gateway, default false
- type: boolean
- storageMode:
- description: |-
- storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: storagePool is the ScaleIO Storage
- Pool associated with the protection domain.
- type: string
- system:
- description: system is the name of the storage system
- as configured in ScaleIO.
- type: string
- volumeName:
- description: |-
- volumeName is the name of a volume already created in the ScaleIO system
- that is associated with this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: |-
- secret represents a secret that should populate this volume.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
- properties:
- defaultMode:
- description: |-
- defaultMode is Optional: mode bits used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values
- for mode bits. Defaults to 0644.
- Directories within the path are not affected by this setting.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- items:
- description: |-
- items If unspecified, each key-value pair in the Data field of the referenced
- Secret will be projected into the volume as a file whose name is the
- key and content is the value. If specified, the listed keys will be
- projected into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked optional. Paths must be
- relative and may not contain the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: |-
- mode is Optional: mode bits used to set permissions on this file.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: |-
- path is the relative path of the file to map the key to.
- May not be an absolute path.
- May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: optional field specify whether the
- Secret or its keys must be defined
- type: boolean
- secretName:
- description: |-
- secretName is the name of the secret in the pod's namespace to use.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
- type: string
- type: object
- storageos:
- description: storageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: |-
- readOnly defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: |-
- secretRef specifies the secret to use for obtaining the StorageOS API
- credentials. If not specified, default values will be attempted.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: |-
- volumeName is the human-readable name of the StorageOS volume. Volume
- names are only unique within a namespace.
- type: string
- volumeNamespace:
- description: |-
- volumeNamespace specifies the scope of the volume within StorageOS. If no
- namespace is specified then the Pod's namespace will be used. This allows the
- Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
- Set VolumeName to any name to override the default behaviour.
- Set to "default" if you are not using namespaces within StorageOS.
- Namespaces that do not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: vsphereVolume represents a vSphere volume
- attached and mounted on kubelets host machine
- properties:
- fsType:
- description: |-
- fsType is filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: storagePolicyID is the storage Policy
- Based Management (SPBM) profile ID associated
- with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: storagePolicyName is the storage Policy
- Based Management (SPBM) profile name.
- type: string
- volumePath:
- description: volumePath is the path that identifies
- vSphere volume vmdk
- type: string
- required:
- - volumePath
- type: object
- required:
- - name
- type: object
- type: array
- required:
- - containers
- type: object
- type: object
- traits:
- description: the traits needed to run this Integration
- properties:
- 3scale:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- addons:
- additionalProperties:
- description: AddonTrait represents the configuration of an addon
- trait.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- description: The extension point with addon traits
- type: object
- affinity:
- description: The configuration of Affinity trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodeAffinityLabels:
- description: Defines a set of nodes the integration pod(s)
- are eligible to be scheduled on, based on labels on the
- node.
- items:
- type: string
- type: array
- podAffinity:
- description: Always co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should be co-located with.
- items:
- type: string
- type: array
- podAntiAffinity:
- description: Never co-locates multiple replicas of the integration
- in the same node (default `false`).
- type: boolean
- podAntiAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should not be co-located with.
- items:
- type: string
- type: array
- type: object
- builder:
- description: The configuration of Builder trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: When using `pod` strategy, annotation to use
- for the builder pod.
- type: object
- baseImage:
- description: |-
- Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
- installed and ready to use on path (ie `/usr/bin/java`).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- incrementalImageBuild:
- description: Use the incremental image build option, to reuse
- existing containers (default `true`)
- type: boolean
- limitCPU:
- description: |-
- When using `pod` strategy, the maximum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- limitMemory:
- description: |-
- When using `pod` strategy, the maximum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- mavenProfiles:
- description: |-
- A list of references pointing to configmaps/secrets that contains a maven profile.
- This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
- The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
- items:
- type: string
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: Defines a set of nodes the builder pod is eligible
- to be scheduled on, based on labels on the node.
- type: object
- orderStrategy:
- description: The build order strategy to use, either `dependencies`,
- `fifo` or `sequential` (default is the platform default)
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of manifest platforms to use to build
- a container image (default `linux/amd64`).
- items:
- type: string
- type: array
- properties:
- description: A list of properties to be provided to the build
- task
- items:
- type: string
- type: array
- requestCPU:
- description: |-
- When using `pod` strategy, the minimum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- requestMemory:
- description: |-
- When using `pod` strategy, the minimum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- strategy:
- description: The strategy to use, either `pod` or `routine`
- (default `routine`)
- enum:
- - pod
- - routine
- type: string
- tasks:
- description: A list of tasks to be executed (available only
- when using `pod` strategy) with format `;;`.
- items:
- type: string
- type: array
- tasksFilter:
- description: |-
- A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
- Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
- if you need to execute them. Useful only with `pod` strategy.
- type: string
- tasksLimitCPU:
- description: A list of limit cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksLimitMemory:
- description: A list of limit memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- tasksRequestCPU:
- description: A list of request cpu configuration for the specific
- task with format `:`.
- items:
- type: string
- type: array
- tasksRequestMemory:
- description: A list of request memory configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- verbose:
- description: |-
- Enable verbose logging on build components that support it (e.g. Kaniko build pod).
- Deprecated no longer in use
- type: boolean
- type: object
- camel:
- description: The configuration of Camel trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- properties:
- description: A list of properties to be provided to the Integration
- runtime
- items:
- type: string
- type: array
- runtimeVersion:
- description: |-
- The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
- You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
- to the best matching Catalog existing on the cluster.
- type: string
- type: object
- container:
- description: The configuration of Container trait
- properties:
- allowPrivilegeEscalation:
- description: Security Context AllowPrivilegeEscalation configuration
- (default false).
- type: boolean
- auto:
- description: To automatically enable the trait
- type: boolean
- capabilitiesAdd:
- description: Security Context Capabilities Add configuration
- (default none).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- capabilitiesDrop:
- description: Security Context Capabilities Drop configuration
- (default ALL).
- items:
- description: Capability represent POSIX capabilities type
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- expose:
- description: Can be used to enable/disable exposure via kubernetes
- Service.
- type: boolean
- image:
- description: |-
- The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
- won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
- Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
- type: string
- imagePullPolicy:
- description: 'The pull policy: Always|Never|IfNotPresent'
- enum:
- - Always
- - Never
- - IfNotPresent
- type: string
- limitCPU:
- description: The maximum amount of CPU to be provided (default
- 500 millicores).
- type: string
- limitMemory:
- description: The maximum amount of memory to be provided (default
- 512 Mi).
- type: string
- name:
- description: The main container name. It's named `integration`
- by default.
- type: string
- port:
- description: To configure a different port exposed by the
- container (default `8080`).
- type: integer
- portName:
- description: To configure a different port name for the port
- exposed by the container. It defaults to `http` only when
- the `expose` parameter is true.
- type: string
- requestCPU:
- description: The minimum amount of CPU required (default 125
- millicores).
- type: string
- requestMemory:
- description: The minimum amount of memory required (default
- 128 Mi).
- type: string
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- servicePort:
- description: To configure under which service port the container
- port is to be exposed (default `80`).
- type: integer
- servicePortName:
- description: To configure under which service port name the
- container port is to be exposed (default `http`).
- type: string
- type: object
- cron:
- description: The configuration of Cron trait
- properties:
- activeDeadlineSeconds:
- description: |-
- Specifies the duration in seconds, relative to the start time, that the job
- may be continuously active before it is considered to be failed.
- It defaults to 60s.
- format: int64
- type: integer
- auto:
- description: |-
- Automatically deploy the integration as CronJob when all routes are
- either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
-
-
- It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
- while `35m` or `50s` cannot).
- type: boolean
- backoffLimit:
- description: |-
- Specifies the number of retries before marking the job failed.
- It defaults to 2.
- format: int32
- type: integer
- components:
- description: |-
- A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
- A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is
- activated (it's present in the `org.apache.camel.k:camel-k-cron` library).
-
-
- Supported components are currently: `cron`, `timer` and `quartz`.
- type: string
- concurrencyPolicy:
- description: |-
- Specifies how to treat concurrent executions of a Job.
- Valid values are:
- - "Allow": allows CronJobs to run concurrently;
- - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- - "Replace": cancels currently running job and replaces it with a new one
- enum:
- - Allow
- - Forbid
- - Replace
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- fallback:
- description: |-
- Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
- as Kubernetes CronJob.
- type: boolean
- schedule:
- description: |-
- The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
- mechanism to work correctly.
- type: string
- startingDeadlineSeconds:
- description: |-
- Optional deadline in seconds for starting the job if it misses scheduled
- time for any reason. Missed jobs executions will be counted as failed ones.
- format: int64
- type: integer
- timeZone:
- description: The timezone that the CronJob will run on
- type: string
- type: object
- dependencies:
- description: The configuration of Dependencies trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- deployer:
- description: The configuration of Deployer trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- kind:
- description: Allows to explicitly select the desired deployment
- kind between `deployment`, `cron-job` or `knative-service`
- when creating the resources for running the integration.
- enum:
- - deployment
- - cron-job
- - knative-service
- type: string
- useSSA:
- description: |-
- Use server-side apply to update the owned resources (default `true`).
- Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
- type: boolean
- type: object
- deployment:
- description: The configuration of Deployment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- progressDeadlineSeconds:
- description: |-
- The maximum time in seconds for the deployment to make progress before it
- is considered to be failed. It defaults to `60s`.
- format: int32
- type: integer
- rollingUpdateMaxSurge:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be scheduled above the desired number of
- pods.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- This can not be 0 if MaxUnavailable is 0.
- Absolute number is calculated from percentage by rounding up.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- rollingUpdateMaxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: |-
- The maximum number of pods that can be unavailable during the update.
- Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
- Absolute number is calculated from percentage by rounding down.
- This can not be 0 if MaxSurge is 0.
- Defaults to `25%`.
- x-kubernetes-int-or-string: true
- strategy:
- description: The deployment strategy to use to replace existing
- pods with new ones.
- enum:
- - Recreate
- - RollingUpdate
- type: string
- type: object
- environment:
- description: The configuration of Environment trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- containerMeta:
- description: Enables injection of `NAMESPACE` and `POD_NAME`
- environment variables (default `true`)
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- httpProxy:
- description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
- `NO_PROXY` environment variables (default `true`)
- type: boolean
- vars:
- description: |-
- A list of environment variables to be added to the integration container.
- The syntax is KEY=VALUE, e.g., `MY_VAR="my value"`.
- These take precedence over the previously defined environment variables.
- items:
- type: string
- type: array
- type: object
- error-handler:
- description: The configuration of Error Handler trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- ref:
- description: The error handler ref name provided or found
- in application properties
- type: string
- type: object
- gc:
- description: The configuration of GC trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryCache:
- description: |-
- Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
- Deprecated: to be removed from trait configuration.
- enum:
- - disabled
- - disk
- - memory
- type: string
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- health:
- description: The configuration of Health trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- livenessFailureThreshold:
- description: Minimum consecutive failures for the liveness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- livenessInitialDelay:
- description: Number of seconds after the container has started
- before the liveness probe is initiated.
- format: int32
- type: integer
- livenessPeriod:
- description: How often to perform the liveness probe.
- format: int32
- type: integer
- livenessProbe:
- description: The liveness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- livenessProbeEnabled:
- description: Configures the liveness probe for the integration
- container (default `false`).
- type: boolean
- livenessScheme:
- description: Scheme to use when connecting to the liveness
- probe (default `HTTP`).
- type: string
- livenessSuccessThreshold:
- description: Minimum consecutive successes for the liveness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- livenessTimeout:
- description: Number of seconds after which the liveness probe
- times out.
- format: int32
- type: integer
- readinessFailureThreshold:
- description: Minimum consecutive failures for the readiness
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- readinessInitialDelay:
- description: Number of seconds after the container has started
- before the readiness probe is initiated.
- format: int32
- type: integer
- readinessPeriod:
- description: How often to perform the readiness probe.
- format: int32
- type: integer
- readinessProbe:
- description: The readiness probe path to use (default provided
- by the Catalog runtime used).
- type: string
- readinessProbeEnabled:
- description: Configures the readiness probe for the integration
- container (default `true`).
- type: boolean
- readinessScheme:
- description: Scheme to use when connecting to the readiness
- probe (default `HTTP`).
- type: string
- readinessSuccessThreshold:
- description: Minimum consecutive successes for the readiness
- probe to be considered successful after having failed.
- format: int32
- type: integer
- readinessTimeout:
- description: Number of seconds after which the readiness probe
- times out.
- format: int32
- type: integer
- startupFailureThreshold:
- description: Minimum consecutive failures for the startup
- probe to be considered failed after having succeeded.
- format: int32
- type: integer
- startupInitialDelay:
- description: Number of seconds after the container has started
- before the startup probe is initiated.
- format: int32
- type: integer
- startupPeriod:
- description: How often to perform the startup probe.
- format: int32
- type: integer
- startupProbe:
- description: The startup probe path to use (default provided
- by the Catalog runtime used).
- type: string
- startupProbeEnabled:
- description: Configures the startup probe for the integration
- container (default `false`).
- type: boolean
- startupScheme:
- description: Scheme to use when connecting to the startup
- probe (default `HTTP`).
- type: string
- startupSuccessThreshold:
- description: Minimum consecutive successes for the startup
- probe to be considered successful after having failed.
- format: int32
- type: integer
- startupTimeout:
- description: Number of seconds after which the startup probe
- times out.
- format: int32
- type: integer
- type: object
- ingress:
- description: The configuration of Ingress trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to the ingress.
- This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
- See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
- type: object
- auto:
- description: To automatically add an ingress whenever the
- integration uses an HTTP endpoint consumer.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the ingress.
- type: string
- path:
- description: To configure the path exposed by the ingress
- (default `/`).
- type: string
- pathType:
- description: |-
- To configure the path type exposed by the ingress.
- One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
- enum:
- - Exact
- - Prefix
- - ImplementationSpecific
- type: string
- tlsHosts:
- description: To configure tls hosts
- items:
- type: string
- type: array
- tlsSecretName:
- description: To configure tls secret name
- type: string
- type: object
- istio:
- description: The configuration of Istio trait
- properties:
- allow:
- description: Configures a (comma-separated) list of CIDR subnets
- that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
- by default).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- inject:
- description: Forces the value for labels `sidecar.istio.io/inject`.
- By default the label is set to `true` on deployment and
- not set on Knative Service.
- type: boolean
- type: object
- jolokia:
- description: The configuration of Jolokia trait
- properties:
- CACert:
- description: |-
- The PEM encoded CA certification file path, used to verify client certificates,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
- type: string
- clientPrincipal:
- description: |-
- The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- discoveryEnabled:
- description: Listen for multicast requests (default `false`)
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- extendedClientCheck:
- description: |-
- Mandate the client certificate contains a client flag in the extended key usage section,
- applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
- (default `true` for OpenShift).
- type: boolean
- host:
- description: |-
- The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
- the servers binds to every network interface (default `"*"`).
- type: string
- options:
- description: |-
- A list of additional Jolokia options as defined
- in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
- items:
- type: string
- type: array
- password:
- description: The password used for authentication, applicable
- when the `user` option is set.
- type: string
- port:
- description: The Jolokia endpoint port (default `8778`).
- type: integer
- protocol:
- description: The protocol to use, either `http` or `https`
- (default `https` for OpenShift)
- type: string
- useSSLClientAuthentication:
- description: Whether client certificates should be used for
- authentication (default `true` for OpenShift).
- type: boolean
- user:
- description: The user to be used for authentication
- type: string
- type: object
- jvm:
- description: The configuration of JVM trait
- properties:
- classpath:
- description: Additional JVM classpath (use `Linux` classpath
- separator)
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- debug:
- description: Activates remote debugging, so that a debugger
- can be attached to the JVM, e.g., using port-forwarding
- type: boolean
- debugAddress:
- description: Transport address at which to listen for the
- newly launched JVM (default `*:5005`)
- type: string
- debugSuspend:
- description: Suspends the target JVM immediately before the
- main class is loaded
- type: boolean
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- jar:
- description: The Jar dependency which will run the application.
- Leave it empty for managed Integrations.
- type: string
- options:
- description: A list of JVM options
- items:
- type: string
- type: array
- printCommand:
- description: |-
- Prints the command used the start the JVM in the container logs (default `true`)
- Deprecated: no longer in use.
- type: boolean
- type: object
- kamelets:
- description: The configuration of Kamelets trait
- properties:
- auto:
- description: Automatically inject all referenced Kamelets
- and their default configuration (enabled by default)
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- list:
- description: Comma separated list of Kamelet names to load
- into the current integration
- type: string
- mountPoint:
- description: The directory where the application mounts and
- reads Kamelet spec (default `/etc/camel/kamelets`)
- type: string
- type: object
- keda:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- knative:
- description: The configuration of Knative trait
- properties:
- auto:
- description: Enable automatic discovery of all trait properties.
- type: boolean
- channelSinks:
- description: |-
- List of channels used as destination of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- channelSources:
- description: |-
- List of channels used as source of integration routes.
- Can contain simple channel names or full Camel URIs.
- items:
- type: string
- type: array
- config:
- description: Can be used to inject a Knative complete configuration
- in JSON format.
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- endpointSinks:
- description: |-
- List of endpoints used as destination of integration routes.
- Can contain simple endpoint names or full Camel URIs.
- items:
- type: string
- type: array
- endpointSources:
- description: List of channels used as source of integration
- routes.
- items:
- type: string
- type: array
- eventSinks:
- description: |-
- List of event types that the integration will produce.
- Can contain simple event types or full Camel URIs (to use a specific broker).
- items:
- type: string
- type: array
- eventSources:
- description: |-
- List of event types that the integration will be subscribed to.
- Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
- items:
- type: string
- type: array
- filterEventType:
- description: |-
- Enables the default filtering for the Knative trigger using the event type
- If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
- type: boolean
- filterSourceChannels:
- description: |-
- Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
- Knative, filtering is disabled by default.
- type: boolean
- filters:
- description: |-
- Sets filter attributes on the event stream (such as event type, source, subject and so on).
- A list of key-value pairs that represent filter attributes and its values.
- The syntax is KEY=VALUE, e.g., `source="my.source"`.
- Filter attributes get set on the Knative trigger that is being created as part of this integration.
- items:
- type: string
- type: array
- namespaceLabel:
- description: |-
- Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
- As Knative requires this label to perform injection of K_SINK URL into the service.
- If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
- type: boolean
- sinkBinding:
- description: |-
- Allows binding the integration to a sink via a Knative SinkBinding resource.
- This can be used when the integration targets a single sink.
- It's enabled by default when the integration targets a single sink
- (except when the integration is owned by a Knative source).
- type: boolean
- type: object
- knative-service:
- description: The configuration of Knative Service trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set knative service specific annotations
- CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- auto:
- description: |-
- Automatically deploy the integration as Knative service when all conditions hold:
-
-
- * Integration is using the Knative profile
- * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
- type: boolean
- autoscalingMetric:
- description: |-
- Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
-
-
- Refer to the Knative documentation for more information.
- type: string
- autoscalingTarget:
- description: |-
- Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- class:
- description: |-
- Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
-
-
- Refer to the Knative documentation for more information.
- enum:
- - kpa.autoscaling.knative.dev
- - hpa.autoscaling.knative.dev
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxScale:
- description: |-
- An upper bound for the number of Pods that can be running in parallel for the integration.
- Knative has its own cap value that depends on the installation.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- minScale:
- description: |-
- The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
- the integration is scaled down to zero when not used for a configured amount of time.
-
-
- Refer to the Knative documentation for more information.
- type: integer
- rolloutDuration:
- description: |-
- Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
- It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
- rounded to a second precision.
- type: string
- timeoutSeconds:
- description: |-
- The maximum duration in seconds that the request instance is allowed to respond to a request.
- This field propagates to the integration pod's terminationGracePeriodSeconds
-
-
- Refer to the Knative documentation for more information.
- format: int64
- type: integer
- visibility:
- description: |-
- Setting `cluster-local`, Knative service becomes a private service.
- Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
-
-
- Refer to the Knative documentation for more information.
- enum:
- - cluster-local
- type: string
- type: object
- logging:
- description: The configuration of Logging trait
- properties:
- color:
- description: Colorize the log output
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- format:
- description: Logs message format
- type: string
- json:
- description: Output the logs in JSON
- type: boolean
- jsonPrettyPrint:
- description: Enable "pretty printing" of the JSON logs
- type: boolean
- level:
- description: Adjust the logging level (defaults to `INFO`)
- enum:
- - FATAL
- - WARN
- - INFO
- - DEBUG
- - TRACE
- type: string
- type: object
- master:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- mount:
- description: The configuration of Mount trait
- properties:
- configs:
- description: |-
- A list of configuration pointing to configmap/secret.
- The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
- They are also made available on the classpath in order to ease their usage directly from the Route.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- emptyDirs:
- description: 'A list of EmptyDir volumes to be mounted. Syntax:
- [name:/container/path]'
- items:
- type: string
- type: array
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- hotReload:
- description: |-
- Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
- marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
- changes in metadata.
- type: boolean
- resources:
- description: |-
- A list of resources (text or binary content) pointing to configmap/secret.
- The resources are expected to be any resource type (text or binary content).
- The destination path can be either a default location or any path specified by the user.
- Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
- items:
- type: string
- type: array
- scanKameletsImplicitLabelSecrets:
- description: |-
- Deprecated: include your properties in an explicit property file backed by a secret.
- Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.
- These secrets are mounted to the application and treated as plain properties file with their key/value list
- (ie .spec.data["camel.my-property"] = my-value) (default `true`).
- type: boolean
- volumes:
- description: 'A list of Persistent Volume Claims to be mounted.
- Syntax: [pvcname:/container/path]'
- items:
- type: string
- type: array
- type: object
- openapi:
- description: The configuration of OpenAPI trait
- properties:
- configmaps:
- description: The configmaps holding the spec of the OpenAPI
- (compatible with > 3.0 spec only).
- items:
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- type: object
- owner:
- description: The configuration of Owner trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- targetAnnotations:
- description: The set of annotations to be transferred
- items:
- type: string
- type: array
- targetLabels:
- description: The set of labels to be transferred
- items:
- type: string
- type: array
- type: object
- pdb:
- description: The configuration of PDB trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- maxUnavailable:
- description: |-
- The number of pods for the Integration that can be unavailable after an eviction.
- It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
- Only one of `max-unavailable` and `min-available` can be specified.
- type: string
- minAvailable:
- description: |-
- The number of pods for the Integration that must still be available after an eviction.
- It can be either an absolute number or a percentage.
- Only one of `min-available` and `max-unavailable` can be specified.
- type: string
- type: object
- platform:
- description: The configuration of Platform trait
- properties:
- auto:
- description: |-
- To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- createDefault:
- description: |-
- To create a default (empty) platform when the platform is missing.
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- global:
- description: |-
- Indicates if the platform should be created globally in the case of global operator (default true).
- Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
- type: boolean
- type: object
- pod:
- description: The configuration of Pod trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- prometheus:
- description: The configuration of Prometheus trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- podMonitor:
- description: Whether a `PodMonitor` resource is created (default
- `true`).
- type: boolean
- podMonitorLabels:
- description: The `PodMonitor` resource labels, applicable
- when `pod-monitor` is `true`.
- items:
- type: string
- type: array
- type: object
- pull-secret:
- description: The configuration of Pull Secret trait
- properties:
- auto:
- description: Automatically configures the platform registry
- secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- imagePullerDelegation:
- description: When using a global operator with a shared platform,
- this enables delegation of the `system:image-puller` cluster
- role on the operator namespace to the integration service
- account.
- type: boolean
- secretName:
- description: The pull secret name to set on the Pod. If left
- empty this is automatically taken from the `IntegrationPlatform`
- registry configuration.
- type: string
- type: object
- quarkus:
- description: The configuration of Quarkus trait
- properties:
- buildMode:
- description: |-
- The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
- In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
- with the `native` kit having precedence over the `jvm` one once ready.
- items:
- description: QuarkusMode is the type of Quarkus build packaging.
- enum:
- - jvm
- - native
- type: string
- type: array
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- nativeBaseImage:
- description: The base image to use when running a native build
- (default `quay.io/quarkus/quarkus-micro-image:2.0`)
- type: string
- nativeBuilderImage:
- description: The image containing the tooling required for
- a native build (by default it will use the one provided
- in the runtime catalog)
- type: string
- packageTypes:
- description: |-
- The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
- In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
- with the native kit having precedence over the `fast-jar` one once ready.
- The order influences the resolution of the current kit for the integration.
- The kit corresponding to the first package type will be assigned to the
- integration in case no existing kit that matches the integration exists.
- Deprecated: use `build-mode` instead.
- items:
- description: |-
- QuarkusPackageType is the type of Quarkus build packaging.
- Deprecated: use `QuarkusMode` instead.
- enum:
- - fast-jar
- - native
- type: string
- type: array
- type: object
- registry:
- description: |-
- The configuration of Registry trait (support removed since version 2.5.0).
- Deprecated: use jvm trait or read documentation.
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- type: object
- route:
- description: The configuration of Route trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: |-
- The annotations added to route.
- This can be used to set route specific annotations
- For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
- CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
- type: object
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- host:
- description: To configure the host exposed by the route.
- type: string
- tlsCACertificate:
- description: |-
- The TLS CA certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCACertificateSecret:
- description: |-
- The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificate:
- description: |-
- The TLS certificate contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsCertificateSecret:
- description: |-
- The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificate:
- description: |-
- The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
- termination this file should be provided in order to have routers use it for health checks on the secure connection.
- If this field is not specified, the router may provide its own destination CA and perform hostname validation using
- the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
- verify.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsDestinationCACertificateSecret:
- description: |-
- The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsInsecureEdgeTerminationPolicy:
- description: |-
- To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - None
- - Allow
- - Redirect
- type: string
- tlsKey:
- description: |-
- The TLS certificate key contents.
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsKeySecret:
- description: |-
- The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
-
-
- Refer to the OpenShift route documentation for additional information.
- type: string
- tlsTermination:
- description: |-
- The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
-
-
- Refer to the OpenShift route documentation for additional information.
- enum:
- - edge
- - reencrypt
- - passthrough
- type: string
- type: object
- security-context:
- description: The configuration of Security Context trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- runAsNonRoot:
- description: Security Context RunAsNonRoot configuration (default
- false).
- type: boolean
- runAsUser:
- description: 'Security Context RunAsUser configuration (default
- none): this value is automatically retrieved in Openshift
- clusters when not explicitly set.'
- format: int64
- type: integer
- seccompProfileType:
- description: Security Context SeccompProfileType configuration
- (default RuntimeDefault).
- enum:
- - Unconfined
- - RuntimeDefault
- type: string
- type: object
- service:
- description: The configuration of Service trait
- properties:
- auto:
- description: To automatically detect from the code if a Service
- needs to be created.
- type: boolean
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- nodePort:
- description: |-
- Enable Service to be exposed as NodePort (default `false`).
- Deprecated: Use service type instead.
- type: boolean
- type:
- description: The type of service to be used, either 'ClusterIP',
- 'NodePort' or 'LoadBalancer'.
- enum:
- - ClusterIP
- - NodePort
- - LoadBalancer
- type: string
- type: object
- service-binding:
- description: The configuration of Service Binding trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- services:
- description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
- items:
- type: string
- type: array
- type: object
- strimzi:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- toleration:
- description: The configuration of Toleration trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait. All
- traits share this common property.
- type: boolean
- taints:
- description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
- items:
- type: string
- type: array
- type: object
- tracing:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- type: object
- type: object
- status:
- description: the status of the Integration
- properties:
- capabilities:
- description: features offered by the Integration
- items:
- type: string
- type: array
- conditions:
- description: a list of events happened for the Integration
- items:
- description: IntegrationCondition describes the state of a resource
- at a certain point.
- properties:
- firstTruthyTime:
- description: First time the condition status transitioned to
- True.
- format: date-time
- type: string
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another.
- format: date-time
- type: string
- lastUpdateTime:
- description: The last time this condition was updated.
- format: date-time
- type: string
- message:
- description: A human-readable message indicating details about
- the transition.
- type: string
- pods:
- description: Pods collect health and conditions information
- from the owned PODs
- items:
- properties:
- condition:
- description: PodCondition contains details for the current
- condition of this pod.
- properties:
- lastProbeTime:
- description: Last time we probed the condition.
- format: date-time
- type: string
- lastTransitionTime:
- description: Last time the condition transitioned
- from one status to another.
- format: date-time
- type: string
- message:
- description: Human-readable message indicating details
- about last transition.
- type: string
- reason:
- description: Unique, one-word, CamelCase reason for
- the condition's last transition.
- type: string
- status:
- description: |-
- Status is the status of the condition.
- Can be True, False, Unknown.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
- type: string
- type:
- description: |-
- Type is the type of the condition.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
- type: string
- required:
- - status
- - type
- type: object
- health:
- items:
- properties:
- data:
- description: |-
- RawMessage is a raw encoded JSON value.
- It implements Marshaler and Unmarshaler and can
- be used to delay JSON decoding or precompute a JSON encoding.
- x-kubernetes-preserve-unknown-fields: true
- name:
- type: string
- status:
- type: string
- type: object
- type: array
- name:
- type: string
- required:
- - condition
- type: object
- type: array
- reason:
- description: The reason for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of integration condition.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- configuration:
- description: |-
- Deprecated:
- a list of configuration specification
- items:
- description: ConfigurationSpec represents a generic configuration
- specification.
- properties:
- type:
- description: 'represents the type of configuration, ie: property,
- configmap, secret, ...'
- type: string
- value:
- description: the value to assign to the configuration (syntax
- may vary depending on the `Type`)
- type: string
- required:
- - type
- - value
- type: object
- type: array
- dependencies:
- description: a list of dependencies needed by the application
- items:
- type: string
- type: array
- digest:
- description: the digest calculated for this Integration
- type: string
- generatedSources:
- description: a list of sources generated for this Integration
- items:
- description: SourceSpec defines the configuration for one or more
- routes to be executed in a certain Camel DSL language.
- properties:
- compression:
- description: if the content is compressed (base64 encrypted)
- type: boolean
- content:
- description: the source code (plain text)
- type: string
- contentKey:
- description: the confimap key holding the source content
- type: string
- contentRef:
- description: the confimap reference holding the source content
- type: string
- contentType:
- description: the content type (tipically text or binary)
- type: string
- from-kamelet:
- description: True if the spec is generated from a Kamelet
- type: boolean
- interceptors:
- description: |-
- Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
- uses to pre/post process sources
- items:
- type: string
- type: array
- language:
- description: specify which is the language (Camel DSL) used
- to interpret this source code
- type: string
- loader:
- description: |-
- Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
- interpret this source at runtime
- type: string
- name:
- description: the name of the specification
- type: string
- path:
- description: the path where the file is stored
- type: string
- property-names:
- description: List of property names defined in the source (e.g.
- if type is "template")
- items:
- type: string
- type: array
- rawContent:
- description: the source code (binary)
- format: byte
- type: string
- type:
- description: Type defines the kind of source described by this
- object
- type: string
- type: object
- type: array
- image:
- description: the container image used
- type: string
- integrationKit:
- description: the reference of the `IntegrationKit` which is used for
- this Integration
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: |-
- If referring to a piece of an object instead of an entire object, this string
- should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within a pod, this would take on a value like:
- "spec.containers{name}" (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only to have some well-defined way of
- referencing a part of an object.
- TODO: this design is not final and this field is subject to change in the future.
- type: string
- kind:
- description: |-
- Kind of the referent.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- type: string
- namespace:
- description: |-
- Namespace of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
- type: string
- resourceVersion:
- description: |-
- Specific resourceVersion to which this reference is made, if any.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
- type: string
- uid:
- description: |-
- UID of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
- type: string
- type: object
- x-kubernetes-map-type: atomic
- lastInitTimestamp:
- description: the timestamp representing the last time when this integration
- was initialized.
- format: date-time
- type: string
- observedGeneration:
- description: ObservedGeneration is the most recent generation observed
- for this Integration.
- format: int64
- type: integer
- phase:
- description: the actual phase
- type: string
- platform:
- description: The IntegrationPlatform watching this Integration
- type: string
- profile:
- description: the profile needed to run this Integration
- type: string
- replicas:
- description: the number of replicas
- format: int32
- type: integer
- runtimeProvider:
- description: the runtime provider targeted for this Integration
- type: string
- runtimeVersion:
- description: the runtime version targeted for this Integration
- type: string
- selector:
- description: label selector
- type: string
- version:
- description: the operator version
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
diff --git a/helm/camel-k/crds/crd-kamelet-binding.yaml b/helm/camel-k/crds/crd-kamelet-binding.yaml
deleted file mode 100644
index 2805a4bc92..0000000000
--- a/helm/camel-k/crds/crd-kamelet-binding.yaml
+++ /dev/null
@@ -1,8923 +0,0 @@
-# ---------------------------------------------------------------------------
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ---------------------------------------------------------------------------
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.15.0
- name: kameletbindings.camel.apache.org
-spec:
- group: camel.apache.org
- names:
- categories:
- - kamel
- - camel
- kind: KameletBinding
- listKind: KameletBindingList
- plural: kameletbindings
- shortNames:
- - klb
- singular: kameletbinding
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The Kamelet Binding phase
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: The number of pods
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- deprecated: true
- deprecationWarning: v1apha1.KameletBinding is deprecated, please, use v1.Pipe
- instead
- name: v1alpha1
- schema:
- openAPIV3Schema:
- description: KameletBinding is the Schema for the kamelets binding API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: the specification of a KameletBinding
- properties:
- errorHandler:
- description: ErrorHandler is an optional handler called upon an error
- occurring in the integration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- integration:
- description: Integration is an optional integration used to specify
- custom parameters
- properties:
- configuration:
- description: |-
- Deprecated:
- Use camel trait (camel.properties) to manage properties
- Use mount trait (mount.configs) to manage configs
- Use mount trait (mount.resources) to manage resources
- Use mount trait (mount.volumes) to manage volumes
- items:
- description: ConfigurationSpec represents a generic configuration
- specification.
- properties:
- type:
- description: 'represents the type of configuration, ie:
- property, configmap, secret, ...'
- type: string
- value:
- description: the value to assign to the configuration (syntax
- may vary depending on the `Type`)
- type: string
- required:
- - type
- - value
- type: object
- type: array
- dependencies:
- description: the list of Camel or Maven dependencies required
- by the Integration
- items:
- type: string
- type: array
- flows:
- description: a source in YAML DSL language which contain the routes
- to run
- items:
- description: Flow is an unstructured object representing a Camel
- Flow in YAML/JSON DSL.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- type: array
- integrationKit:
- description: the reference of the `IntegrationKit` which is used
- for this Integration
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: |-
- If referring to a piece of an object instead of an entire object, this string
- should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within a pod, this would take on a value like:
- "spec.containers{name}" (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only to have some well-defined way of
- referencing a part of an object.
- TODO: this design is not final and this field is subject to change in the future.
- type: string
- kind:
- description: |-
- Kind of the referent.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- type: string
- namespace:
- description: |-
- Namespace of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
- type: string
- resourceVersion:
- description: |-
- Specific resourceVersion to which this reference is made, if any.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
- type: string
- uid:
- description: |-
- UID of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
- type: string
- type: object
- x-kubernetes-map-type: atomic
- profile:
- description: the profile needed to run this Integration
- type: string
- replicas:
- description: the number of `Pods` needed for the running Integration
- format: int32
- type: integer
- repositories:
- description: additional Maven repositories to be used
- items:
- type: string
- type: array
- serviceAccountName:
- description: custom SA to use for the Integration
- type: string
- sources:
- description: the sources which contain the Camel routes to run
- items:
- description: SourceSpec defines the configuration for one or
- more routes to be executed in a certain Camel DSL language.
- properties:
- compression:
- description: if the content is compressed (base64 encrypted)
- type: boolean
- content:
- description: the source code (plain text)
- type: string
- contentKey:
- description: the confimap key holding the source content
- type: string
- contentRef:
- description: the confimap reference holding the source content
- type: string
- contentType:
- description: the content type (tipically text or binary)
- type: string
- from-kamelet:
- description: True if the spec is generated from a Kamelet
- type: boolean
- interceptors:
- description: |-
- Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
- uses to pre/post process sources
- items:
- type: string
- type: array
- language:
- description: specify which is the language (Camel DSL) used
- to interpret this source code
- type: string
- loader:
- description: |-
- Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
- interpret this source at runtime
- type: string
- name:
- description: the name of the specification
- type: string
- path:
- description: the path where the file is stored
- type: string
- property-names:
- description: List of property names defined in the source
- (e.g. if type is "template")
- items:
- type: string
- type: array
- rawContent:
- description: the source code (binary)
- format: byte
- type: string
- type:
- description: Type defines the kind of source described by
- this object
- type: string
- type: object
- type: array
- template:
- description: Pod template customization
- properties:
- spec:
- description: the specification
- properties:
- activeDeadlineSeconds:
- description: ActiveDeadlineSeconds
- format: int64
- type: integer
- automountServiceAccountToken:
- description: AutomountServiceAccountToken
- type: boolean
- containers:
- description: Containers
- items:
- description: A single application container that you
- want to run within a pod.
- properties:
- args:
- description: |-
- Arguments to the entrypoint.
- The container image's CMD is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- command:
- description: |-
- Entrypoint array. Not executed within a shell.
- The container image's ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- env:
- description: |-
- List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment
- variable present in a Container.
- properties:
- name:
- description: Name of the environment variable.
- Must be a C_IDENTIFIER.
- type: string
- value:
- description: |-
- Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in the container and
- any service environment variables. If a variable cannot be resolved,
- the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
- "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether the variable
- exists or not.
- Defaults to "".
- type: string
- valueFrom:
- description: Source for the environment variable's
- value. Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: |-
- Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
- spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in terms
- of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to
- select in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret
- in the pod's namespace
- properties:
- key:
- description: The key of the secret
- to select from. Must be a valid
- secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: |-
- List of sources to populate environment variables in the container.
- The keys defined within a source must be a C_IDENTIFIER. All invalid keys
- will be reported as an event when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take precedence.
- Values defined by an Env with a duplicate key will take precedence.
- Cannot be updated.
- items:
- description: EnvFromSource represents the source
- of a set of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend
- to each key in the ConfigMap. Must be a
- C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: |-
- Container image name.
- More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management to default or override
- container images in workload controllers like Deployments and StatefulSets.
- type: string
- imagePullPolicy:
- description: |-
- Image pull policy.
- One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- type: string
- lifecycle:
- description: |-
- Actions that the management system should take in response to container lifecycle events.
- Cannot be updated.
- properties:
- postStart:
- description: |-
- PostStart is called immediately after a container is created. If the handler fails,
- the container is terminated and restarted according to its restart policy.
- Other management of the container blocks until the hook completes.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to
- take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http
- request to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in
- the request. HTTP allows repeated
- headers.
- items:
- description: HTTPHeader describes
- a custom header to be used in HTTP
- probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field
- value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration
- that the container should sleep before
- being terminated.
- properties:
- seconds:
- description: Seconds is the number of
- seconds to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to
- connect to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: |-
- PreStop is called immediately before a container is terminated due to an
- API request or management event such as liveness/startup probe failure,
- preemption, resource contention, etc. The handler is not called if the
- container crashes or exits. The Pod's termination grace period countdown begins before the
- PreStop hook is executed. Regardless of the outcome of the handler, the
- container will eventually terminate within the Pod's termination grace
- period (unless delayed by finalizers). Other management of the container blocks until the hook completes
- or until the termination grace period is reached.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to
- take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http
- request to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in
- the request. HTTP allows repeated
- headers.
- items:
- description: HTTPHeader describes
- a custom header to be used in HTTP
- probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field
- value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration
- that the container should sleep before
- being terminated.
- properties:
- seconds:
- description: Seconds is the number of
- seconds to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to
- connect to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: |-
- Periodic probe of container liveness.
- Container will be restarted if the probe fails.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- name:
- description: |-
- Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: |-
- List of ports to expose from the container. Not specifying a port here
- DOES NOT prevent that port from being exposed. Any port which is
- listening on the default "0.0.0.0" address inside a container will be
- accessible from the network.
- Modifying this array with strategic merge patch may corrupt the data.
- For more information See https://github.com/kubernetes/kubernetes/issues/108255.
- Cannot be updated.
- items:
- description: ContainerPort represents a network
- port in a single container.
- properties:
- containerPort:
- description: |-
- Number of port to expose on the pod's IP address.
- This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external
- port to.
- type: string
- hostPort:
- description: |-
- Number of port to expose on the host.
- If specified, this must be a valid port number, 0 < x < 65536.
- If HostNetwork is specified, this must match ContainerPort.
- Most containers do not need this.
- format: int32
- type: integer
- name:
- description: |-
- If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
- named port in a pod must have a unique name. Name for the port that can be
- referred to by services.
- type: string
- protocol:
- default: TCP
- description: |-
- Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: |-
- Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe fails.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- resizePolicy:
- description: Resources resize policy for the container.
- items:
- description: ContainerResizePolicy represents
- resource resize policy for the container.
- properties:
- resourceName:
- description: |-
- Name of the resource to which this resource resize policy applies.
- Supported values: cpu, memory.
- type: string
- restartPolicy:
- description: |-
- Restart policy to apply when specified resource is resized.
- If not specified, it defaults to NotRequired.
- type: string
- required:
- - resourceName
- - restartPolicy
- type: object
- type: array
- x-kubernetes-list-type: atomic
- resources:
- description: |-
- Compute Resources required by this container.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- properties:
- claims:
- description: |-
- Claims lists the names of resources, defined in spec.resourceClaims,
- that are used by this container.
-
-
- This is an alpha field and requires enabling the
- DynamicResourceAllocation feature gate.
-
-
- This field is immutable. It can only be set for containers.
- items:
- description: ResourceClaim references one
- entry in PodSpec.ResourceClaims.
- properties:
- name:
- description: |-
- Name must match the name of one entry in pod.spec.resourceClaims of
- the Pod where this field is used. It makes that resource available
- inside a container.
- type: string
- required:
- - name
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - name
- x-kubernetes-list-type: map
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Limits describes the maximum amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Requests describes the minimum amount of compute resources required.
- If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. Requests cannot exceed Limits.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- type: object
- restartPolicy:
- description: |-
- RestartPolicy defines the restart behavior of individual containers in a pod.
- This field may only be set for init containers, and the only allowed value is "Always".
- For non-init containers or when this field is not specified,
- the restart behavior is defined by the Pod's restart policy and the container type.
- Setting the RestartPolicy as "Always" for the init container will have the following effect:
- this init container will be continually restarted on
- exit until all regular containers have terminated. Once all regular
- containers have completed, all init containers with restartPolicy "Always"
- will be shut down. This lifecycle differs from normal init containers and
- is often referred to as a "sidecar" container. Although this init
- container still starts in the init container sequence, it does not wait
- for the container to complete before proceeding to the next init
- container. Instead, the next init container starts immediately after this
- init container is started, or after any startupProbe has successfully
- completed.
- type: string
- securityContext:
- description: |-
- SecurityContext defines the security options the container should be run with.
- If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
- More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
- properties:
- allowPrivilegeEscalation:
- description: |-
- AllowPrivilegeEscalation controls whether a process can gain more
- privileges than its parent process. This bool directly controls if
- the no_new_privs flag will be set on the container process.
- AllowPrivilegeEscalation is true always when the container is:
- 1) run as Privileged
- 2) has CAP_SYS_ADMIN
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- capabilities:
- description: |-
- The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by the container runtime.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX
- capabilities type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX
- capabilities type
- type: string
- type: array
- type: object
- privileged:
- description: |-
- Run container in privileged mode.
- Processes in privileged containers are essentially equivalent to root on the host.
- Defaults to false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: |-
- procMount denotes the type of proc mount to use for the containers.
- The default is DefaultProcMount which uses the container runtime defaults for
- readonly paths and masked paths.
- This requires the ProcMountType feature flag to be enabled.
- Note that this field cannot be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: |-
- Whether this container has a read-only root filesystem.
- Default is false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: |-
- The GID to run the entrypoint of the container process.
- Uses runtime default if unset.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: |-
- Indicates that the container must run as a non-root user.
- If true, the Kubelet will validate the image at runtime to ensure that it
- does not run as UID 0 (root) and fail to start the container if it does.
- If unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: |-
- The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: |-
- The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a random SELinux context for each
- container. May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label
- that applies to the container.
- type: string
- role:
- description: Role is a SELinux role label
- that applies to the container.
- type: string
- type:
- description: Type is a SELinux type label
- that applies to the container.
- type: string
- user:
- description: User is a SELinux user label
- that applies to the container.
- type: string
- type: object
- seccompProfile:
- description: |-
- The seccomp options to use by this container. If seccomp options are
- provided at both the pod & container level, the container options
- override the pod options.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- localhostProfile:
- description: |-
- localhostProfile indicates a profile defined in a file on the node should be used.
- The profile must be preconfigured on the node to work.
- Must be a descending path, relative to the kubelet's configured seccomp profile location.
- Must be set if type is "Localhost". Must NOT be set for any other type.
- type: string
- type:
- description: |-
- type indicates which kind of seccomp profile will be applied.
- Valid options are:
-
-
- Localhost - a profile defined in a file on the node should be used.
- RuntimeDefault - the container runtime default profile should be used.
- Unconfined - no profile should be applied.
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: |-
- The Windows specific settings applied to all containers.
- If unspecified, the options from the PodSecurityContext will be used.
- If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: |-
- GMSACredentialSpec is where the GMSA admission webhook
- (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- GMSA credential spec named by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the
- name of the GMSA credential spec to use.
- type: string
- hostProcess:
- description: |-
- HostProcess determines if a container should be run as a 'Host Process' container.
- All of a Pod's containers must have the same effective HostProcess value
- (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
- In addition, if HostProcess is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: |-
- The UserName in Windows to run the entrypoint of the container process.
- Defaults to the user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: |-
- StartupProbe indicates that the Pod has successfully initialized.
- If specified, no other probes are executed until this completes successfully.
- If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
- This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
- when it might take a long time to load data or warm a cache, than during steady-state operation.
- This cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- stdin:
- description: |-
- Whether this container should allocate a buffer for stdin in the container runtime. If this
- is not set, reads from stdin in the container will always result in EOF.
- Default is false.
- type: boolean
- stdinOnce:
- description: |-
- Whether the container runtime should close the stdin channel after it has been opened by
- a single attach. When stdin is true the stdin stream will remain open across multiple attach
- sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
- first client attaches to stdin, and then remains open and accepts data until the client disconnects,
- at which time stdin is closed and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin will never receive an EOF.
- Default is false
- type: boolean
- terminationMessagePath:
- description: |-
- Optional: Path at which the file to which the container's termination message
- will be written is mounted into the container's filesystem.
- Message written is intended to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes. The total message length across
- all containers will be limited to 12kb.
- Defaults to /dev/termination-log.
- Cannot be updated.
- type: string
- terminationMessagePolicy:
- description: |-
- Indicate how the termination message should be populated. File will use the contents of
- terminationMessagePath to populate the container status message on both success and failure.
- FallbackToLogsOnError will use the last chunk of container log output if the termination
- message file is empty and the container exited with an error.
- The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
- Defaults to File.
- Cannot be updated.
- type: string
- tty:
- description: |-
- Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
- Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block
- devices to be used by the container.
- items:
- description: volumeDevice describes a mapping
- of a raw block device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside
- of the container that the device will be
- mapped to.
- type: string
- name:
- description: name must match the name of a
- persistentVolumeClaim in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: |-
- Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting
- of a Volume within a container.
- properties:
- mountPath:
- description: |-
- Path within the container at which the volume should be mounted. Must
- not contain ':'.
- type: string
- mountPropagation:
- description: |-
- mountPropagation determines how mounts are propagated from the host
- to container and the other way around.
- When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a
- Volume.
- type: string
- readOnly:
- description: |-
- Mounted read-only if true, read-write otherwise (false or unspecified).
- Defaults to false.
- type: boolean
- subPath:
- description: |-
- Path within the volume from which the container's volume should be mounted.
- Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: |-
- Expanded path within the volume from which the container's volume should be mounted.
- Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
- Defaults to "" (volume's root).
- SubPathExpr and SubPath are mutually exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: |-
- Container's working directory.
- If not specified, the container runtime's default will be used, which
- might be configured in the container image.
- Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- dnsPolicy:
- description: DNSPolicy
- type: string
- ephemeralContainers:
- description: EphemeralContainers
- items:
- description: |-
- An EphemeralContainer is a temporary container that you may add to an existing Pod for
- user-initiated activities such as debugging. Ephemeral containers have no resource or
- scheduling guarantees, and they will not be restarted when they exit or when a Pod is
- removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
- Pod to exceed its resource allocation.
-
-
- To add an ephemeral container, use the ephemeralcontainers subresource of an existing
- Pod. Ephemeral containers may not be removed or restarted.
- properties:
- args:
- description: |-
- Arguments to the entrypoint.
- The image's CMD is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- command:
- description: |-
- Entrypoint array. Not executed within a shell.
- The image's ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- env:
- description: |-
- List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment
- variable present in a Container.
- properties:
- name:
- description: Name of the environment variable.
- Must be a C_IDENTIFIER.
- type: string
- value:
- description: |-
- Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in the container and
- any service environment variables. If a variable cannot be resolved,
- the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
- "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether the variable
- exists or not.
- Defaults to "".
- type: string
- valueFrom:
- description: Source for the environment variable's
- value. Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: |-
- Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
- spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in terms
- of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to
- select in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret
- in the pod's namespace
- properties:
- key:
- description: The key of the secret
- to select from. Must be a valid
- secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: |-
- List of sources to populate environment variables in the container.
- The keys defined within a source must be a C_IDENTIFIER. All invalid keys
- will be reported as an event when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take precedence.
- Values defined by an Env with a duplicate key will take precedence.
- Cannot be updated.
- items:
- description: EnvFromSource represents the source
- of a set of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend
- to each key in the ConfigMap. Must be a
- C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: |-
- Container image name.
- More info: https://kubernetes.io/docs/concepts/containers/images
- type: string
- imagePullPolicy:
- description: |-
- Image pull policy.
- One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- type: string
- lifecycle:
- description: Lifecycle is not allowed for ephemeral
- containers.
- properties:
- postStart:
- description: |-
- PostStart is called immediately after a container is created. If the handler fails,
- the container is terminated and restarted according to its restart policy.
- Other management of the container blocks until the hook completes.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to
- take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http
- request to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in
- the request. HTTP allows repeated
- headers.
- items:
- description: HTTPHeader describes
- a custom header to be used in HTTP
- probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field
- value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration
- that the container should sleep before
- being terminated.
- properties:
- seconds:
- description: Seconds is the number of
- seconds to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to
- connect to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: |-
- PreStop is called immediately before a container is terminated due to an
- API request or management event such as liveness/startup probe failure,
- preemption, resource contention, etc. The handler is not called if the
- container crashes or exits. The Pod's termination grace period countdown begins before the
- PreStop hook is executed. Regardless of the outcome of the handler, the
- container will eventually terminate within the Pod's termination grace
- period (unless delayed by finalizers). Other management of the container blocks until the hook completes
- or until the termination grace period is reached.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to
- take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http
- request to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in
- the request. HTTP allows repeated
- headers.
- items:
- description: HTTPHeader describes
- a custom header to be used in HTTP
- probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field
- value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration
- that the container should sleep before
- being terminated.
- properties:
- seconds:
- description: Seconds is the number of
- seconds to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to
- connect to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: Probes are not allowed for ephemeral
- containers.
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- name:
- description: |-
- Name of the ephemeral container specified as a DNS_LABEL.
- This name must be unique among all containers, init containers and ephemeral containers.
- type: string
- ports:
- description: Ports are not allowed for ephemeral
- containers.
- items:
- description: ContainerPort represents a network
- port in a single container.
- properties:
- containerPort:
- description: |-
- Number of port to expose on the pod's IP address.
- This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external
- port to.
- type: string
- hostPort:
- description: |-
- Number of port to expose on the host.
- If specified, this must be a valid port number, 0 < x < 65536.
- If HostNetwork is specified, this must match ContainerPort.
- Most containers do not need this.
- format: int32
- type: integer
- name:
- description: |-
- If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
- named port in a pod must have a unique name. Name for the port that can be
- referred to by services.
- type: string
- protocol:
- default: TCP
- description: |-
- Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: Probes are not allowed for ephemeral
- containers.
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- resizePolicy:
- description: Resources resize policy for the container.
- items:
- description: ContainerResizePolicy represents
- resource resize policy for the container.
- properties:
- resourceName:
- description: |-
- Name of the resource to which this resource resize policy applies.
- Supported values: cpu, memory.
- type: string
- restartPolicy:
- description: |-
- Restart policy to apply when specified resource is resized.
- If not specified, it defaults to NotRequired.
- type: string
- required:
- - resourceName
- - restartPolicy
- type: object
- type: array
- x-kubernetes-list-type: atomic
- resources:
- description: |-
- Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
- already allocated to the pod.
- properties:
- claims:
- description: |-
- Claims lists the names of resources, defined in spec.resourceClaims,
- that are used by this container.
-
-
- This is an alpha field and requires enabling the
- DynamicResourceAllocation feature gate.
-
-
- This field is immutable. It can only be set for containers.
- items:
- description: ResourceClaim references one
- entry in PodSpec.ResourceClaims.
- properties:
- name:
- description: |-
- Name must match the name of one entry in pod.spec.resourceClaims of
- the Pod where this field is used. It makes that resource available
- inside a container.
- type: string
- required:
- - name
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - name
- x-kubernetes-list-type: map
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Limits describes the maximum amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Requests describes the minimum amount of compute resources required.
- If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. Requests cannot exceed Limits.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- type: object
- restartPolicy:
- description: |-
- Restart policy for the container to manage the restart behavior of each
- container within a pod.
- This may only be set for init containers. You cannot set this field on
- ephemeral containers.
- type: string
- securityContext:
- description: |-
- Optional: SecurityContext defines the security options the ephemeral container should be run with.
- If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
- properties:
- allowPrivilegeEscalation:
- description: |-
- AllowPrivilegeEscalation controls whether a process can gain more
- privileges than its parent process. This bool directly controls if
- the no_new_privs flag will be set on the container process.
- AllowPrivilegeEscalation is true always when the container is:
- 1) run as Privileged
- 2) has CAP_SYS_ADMIN
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- capabilities:
- description: |-
- The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by the container runtime.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX
- capabilities type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX
- capabilities type
- type: string
- type: array
- type: object
- privileged:
- description: |-
- Run container in privileged mode.
- Processes in privileged containers are essentially equivalent to root on the host.
- Defaults to false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: |-
- procMount denotes the type of proc mount to use for the containers.
- The default is DefaultProcMount which uses the container runtime defaults for
- readonly paths and masked paths.
- This requires the ProcMountType feature flag to be enabled.
- Note that this field cannot be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: |-
- Whether this container has a read-only root filesystem.
- Default is false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: |-
- The GID to run the entrypoint of the container process.
- Uses runtime default if unset.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: |-
- Indicates that the container must run as a non-root user.
- If true, the Kubelet will validate the image at runtime to ensure that it
- does not run as UID 0 (root) and fail to start the container if it does.
- If unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: |-
- The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: |-
- The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a random SELinux context for each
- container. May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label
- that applies to the container.
- type: string
- role:
- description: Role is a SELinux role label
- that applies to the container.
- type: string
- type:
- description: Type is a SELinux type label
- that applies to the container.
- type: string
- user:
- description: User is a SELinux user label
- that applies to the container.
- type: string
- type: object
- seccompProfile:
- description: |-
- The seccomp options to use by this container. If seccomp options are
- provided at both the pod & container level, the container options
- override the pod options.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- localhostProfile:
- description: |-
- localhostProfile indicates a profile defined in a file on the node should be used.
- The profile must be preconfigured on the node to work.
- Must be a descending path, relative to the kubelet's configured seccomp profile location.
- Must be set if type is "Localhost". Must NOT be set for any other type.
- type: string
- type:
- description: |-
- type indicates which kind of seccomp profile will be applied.
- Valid options are:
-
-
- Localhost - a profile defined in a file on the node should be used.
- RuntimeDefault - the container runtime default profile should be used.
- Unconfined - no profile should be applied.
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: |-
- The Windows specific settings applied to all containers.
- If unspecified, the options from the PodSecurityContext will be used.
- If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: |-
- GMSACredentialSpec is where the GMSA admission webhook
- (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- GMSA credential spec named by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the
- name of the GMSA credential spec to use.
- type: string
- hostProcess:
- description: |-
- HostProcess determines if a container should be run as a 'Host Process' container.
- All of a Pod's containers must have the same effective HostProcess value
- (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
- In addition, if HostProcess is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: |-
- The UserName in Windows to run the entrypoint of the container process.
- Defaults to the user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: Probes are not allowed for ephemeral
- containers.
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- stdin:
- description: |-
- Whether this container should allocate a buffer for stdin in the container runtime. If this
- is not set, reads from stdin in the container will always result in EOF.
- Default is false.
- type: boolean
- stdinOnce:
- description: |-
- Whether the container runtime should close the stdin channel after it has been opened by
- a single attach. When stdin is true the stdin stream will remain open across multiple attach
- sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
- first client attaches to stdin, and then remains open and accepts data until the client disconnects,
- at which time stdin is closed and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin will never receive an EOF.
- Default is false
- type: boolean
- targetContainerName:
- description: |-
- If set, the name of the container from PodSpec that this ephemeral container targets.
- The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.
- If not set then the ephemeral container uses the namespaces configured in the Pod spec.
-
-
- The container runtime must implement support for this feature. If the runtime does not
- support namespace targeting then the result of setting this field is undefined.
- type: string
- terminationMessagePath:
- description: |-
- Optional: Path at which the file to which the container's termination message
- will be written is mounted into the container's filesystem.
- Message written is intended to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes. The total message length across
- all containers will be limited to 12kb.
- Defaults to /dev/termination-log.
- Cannot be updated.
- type: string
- terminationMessagePolicy:
- description: |-
- Indicate how the termination message should be populated. File will use the contents of
- terminationMessagePath to populate the container status message on both success and failure.
- FallbackToLogsOnError will use the last chunk of container log output if the termination
- message file is empty and the container exited with an error.
- The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
- Defaults to File.
- Cannot be updated.
- type: string
- tty:
- description: |-
- Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
- Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block
- devices to be used by the container.
- items:
- description: volumeDevice describes a mapping
- of a raw block device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside
- of the container that the device will be
- mapped to.
- type: string
- name:
- description: name must match the name of a
- persistentVolumeClaim in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: |-
- Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting
- of a Volume within a container.
- properties:
- mountPath:
- description: |-
- Path within the container at which the volume should be mounted. Must
- not contain ':'.
- type: string
- mountPropagation:
- description: |-
- mountPropagation determines how mounts are propagated from the host
- to container and the other way around.
- When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a
- Volume.
- type: string
- readOnly:
- description: |-
- Mounted read-only if true, read-write otherwise (false or unspecified).
- Defaults to false.
- type: boolean
- subPath:
- description: |-
- Path within the volume from which the container's volume should be mounted.
- Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: |-
- Expanded path within the volume from which the container's volume should be mounted.
- Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
- Defaults to "" (volume's root).
- SubPathExpr and SubPath are mutually exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: |-
- Container's working directory.
- If not specified, the container runtime's default will be used, which
- might be configured in the container image.
- Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- initContainers:
- description: InitContainers
- items:
- description: A single application container that you
- want to run within a pod.
- properties:
- args:
- description: |-
- Arguments to the entrypoint.
- The container image's CMD is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- command:
- description: |-
- Entrypoint array. Not executed within a shell.
- The container image's ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
- cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
- of whether the variable exists or not. Cannot be updated.
- More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
- items:
- type: string
- type: array
- env:
- description: |-
- List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment
- variable present in a Container.
- properties:
- name:
- description: Name of the environment variable.
- Must be a C_IDENTIFIER.
- type: string
- value:
- description: |-
- Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in the container and
- any service environment variables. If a variable cannot be resolved,
- the reference in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
- "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether the variable
- exists or not.
- Defaults to "".
- type: string
- valueFrom:
- description: Source for the environment variable's
- value. Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: |-
- Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,
- spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in terms
- of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to
- select in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret
- in the pod's namespace
- properties:
- key:
- description: The key of the secret
- to select from. Must be a valid
- secret key.
- type: string
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: |-
- List of sources to populate environment variables in the container.
- The keys defined within a source must be a C_IDENTIFIER. All invalid keys
- will be reported as an event when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take precedence.
- Values defined by an Env with a duplicate key will take precedence.
- Cannot be updated.
- items:
- description: EnvFromSource represents the source
- of a set of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the ConfigMap
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend
- to each key in the ConfigMap. Must be a
- C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: Specify whether the Secret
- must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: |-
- Container image name.
- More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management to default or override
- container images in workload controllers like Deployments and StatefulSets.
- type: string
- imagePullPolicy:
- description: |-
- Image pull policy.
- One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- type: string
- lifecycle:
- description: |-
- Actions that the management system should take in response to container lifecycle events.
- Cannot be updated.
- properties:
- postStart:
- description: |-
- PostStart is called immediately after a container is created. If the handler fails,
- the container is terminated and restarted according to its restart policy.
- Other management of the container blocks until the hook completes.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to
- take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http
- request to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in
- the request. HTTP allows repeated
- headers.
- items:
- description: HTTPHeader describes
- a custom header to be used in HTTP
- probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field
- value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration
- that the container should sleep before
- being terminated.
- properties:
- seconds:
- description: Seconds is the number of
- seconds to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to
- connect to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: |-
- PreStop is called immediately before a container is terminated due to an
- API request or management event such as liveness/startup probe failure,
- preemption, resource contention, etc. The handler is not called if the
- container crashes or exits. The Pod's termination grace period countdown begins before the
- PreStop hook is executed. Regardless of the outcome of the handler, the
- container will eventually terminate within the Pod's termination grace
- period (unless delayed by finalizers). Other management of the container blocks until the hook completes
- or until the termination grace period is reached.
- More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
- properties:
- exec:
- description: Exec specifies the action to
- take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http
- request to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in
- the request. HTTP allows repeated
- headers.
- items:
- description: HTTPHeader describes
- a custom header to be used in HTTP
- probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field
- value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- sleep:
- description: Sleep represents the duration
- that the container should sleep before
- being terminated.
- properties:
- seconds:
- description: Seconds is the number of
- seconds to sleep.
- format: int64
- type: integer
- required:
- - seconds
- type: object
- tcpSocket:
- description: |-
- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
- for the backward compatibility. There are no validation of this field and
- lifecycle hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to
- connect to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: |-
- Periodic probe of container liveness.
- Container will be restarted if the probe fails.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- name:
- description: |-
- Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: |-
- List of ports to expose from the container. Not specifying a port here
- DOES NOT prevent that port from being exposed. Any port which is
- listening on the default "0.0.0.0" address inside a container will be
- accessible from the network.
- Modifying this array with strategic merge patch may corrupt the data.
- For more information See https://github.com/kubernetes/kubernetes/issues/108255.
- Cannot be updated.
- items:
- description: ContainerPort represents a network
- port in a single container.
- properties:
- containerPort:
- description: |-
- Number of port to expose on the pod's IP address.
- This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external
- port to.
- type: string
- hostPort:
- description: |-
- Number of port to expose on the host.
- If specified, this must be a valid port number, 0 < x < 65536.
- If HostNetwork is specified, this must match ContainerPort.
- Most containers do not need this.
- format: int32
- type: integer
- name:
- description: |-
- If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
- named port in a pod must have a unique name. Name for the port that can be
- referred to by services.
- type: string
- protocol:
- default: TCP
- description: |-
- Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: |-
- Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe fails.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- resizePolicy:
- description: Resources resize policy for the container.
- items:
- description: ContainerResizePolicy represents
- resource resize policy for the container.
- properties:
- resourceName:
- description: |-
- Name of the resource to which this resource resize policy applies.
- Supported values: cpu, memory.
- type: string
- restartPolicy:
- description: |-
- Restart policy to apply when specified resource is resized.
- If not specified, it defaults to NotRequired.
- type: string
- required:
- - resourceName
- - restartPolicy
- type: object
- type: array
- x-kubernetes-list-type: atomic
- resources:
- description: |-
- Compute Resources required by this container.
- Cannot be updated.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- properties:
- claims:
- description: |-
- Claims lists the names of resources, defined in spec.resourceClaims,
- that are used by this container.
-
-
- This is an alpha field and requires enabling the
- DynamicResourceAllocation feature gate.
-
-
- This field is immutable. It can only be set for containers.
- items:
- description: ResourceClaim references one
- entry in PodSpec.ResourceClaims.
- properties:
- name:
- description: |-
- Name must match the name of one entry in pod.spec.resourceClaims of
- the Pod where this field is used. It makes that resource available
- inside a container.
- type: string
- required:
- - name
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - name
- x-kubernetes-list-type: map
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Limits describes the maximum amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Requests describes the minimum amount of compute resources required.
- If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. Requests cannot exceed Limits.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- type: object
- restartPolicy:
- description: |-
- RestartPolicy defines the restart behavior of individual containers in a pod.
- This field may only be set for init containers, and the only allowed value is "Always".
- For non-init containers or when this field is not specified,
- the restart behavior is defined by the Pod's restart policy and the container type.
- Setting the RestartPolicy as "Always" for the init container will have the following effect:
- this init container will be continually restarted on
- exit until all regular containers have terminated. Once all regular
- containers have completed, all init containers with restartPolicy "Always"
- will be shut down. This lifecycle differs from normal init containers and
- is often referred to as a "sidecar" container. Although this init
- container still starts in the init container sequence, it does not wait
- for the container to complete before proceeding to the next init
- container. Instead, the next init container starts immediately after this
- init container is started, or after any startupProbe has successfully
- completed.
- type: string
- securityContext:
- description: |-
- SecurityContext defines the security options the container should be run with.
- If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
- More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
- properties:
- allowPrivilegeEscalation:
- description: |-
- AllowPrivilegeEscalation controls whether a process can gain more
- privileges than its parent process. This bool directly controls if
- the no_new_privs flag will be set on the container process.
- AllowPrivilegeEscalation is true always when the container is:
- 1) run as Privileged
- 2) has CAP_SYS_ADMIN
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- capabilities:
- description: |-
- The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by the container runtime.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX
- capabilities type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX
- capabilities type
- type: string
- type: array
- type: object
- privileged:
- description: |-
- Run container in privileged mode.
- Processes in privileged containers are essentially equivalent to root on the host.
- Defaults to false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: |-
- procMount denotes the type of proc mount to use for the containers.
- The default is DefaultProcMount which uses the container runtime defaults for
- readonly paths and masked paths.
- This requires the ProcMountType feature flag to be enabled.
- Note that this field cannot be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: |-
- Whether this container has a read-only root filesystem.
- Default is false.
- Note that this field cannot be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: |-
- The GID to run the entrypoint of the container process.
- Uses runtime default if unset.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: |-
- Indicates that the container must run as a non-root user.
- If true, the Kubelet will validate the image at runtime to ensure that it
- does not run as UID 0 (root) and fail to start the container if it does.
- If unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: |-
- The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: |-
- The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a random SELinux context for each
- container. May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label
- that applies to the container.
- type: string
- role:
- description: Role is a SELinux role label
- that applies to the container.
- type: string
- type:
- description: Type is a SELinux type label
- that applies to the container.
- type: string
- user:
- description: User is a SELinux user label
- that applies to the container.
- type: string
- type: object
- seccompProfile:
- description: |-
- The seccomp options to use by this container. If seccomp options are
- provided at both the pod & container level, the container options
- override the pod options.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- localhostProfile:
- description: |-
- localhostProfile indicates a profile defined in a file on the node should be used.
- The profile must be preconfigured on the node to work.
- Must be a descending path, relative to the kubelet's configured seccomp profile location.
- Must be set if type is "Localhost". Must NOT be set for any other type.
- type: string
- type:
- description: |-
- type indicates which kind of seccomp profile will be applied.
- Valid options are:
-
-
- Localhost - a profile defined in a file on the node should be used.
- RuntimeDefault - the container runtime default profile should be used.
- Unconfined - no profile should be applied.
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: |-
- The Windows specific settings applied to all containers.
- If unspecified, the options from the PodSecurityContext will be used.
- If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: |-
- GMSACredentialSpec is where the GMSA admission webhook
- (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- GMSA credential spec named by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the
- name of the GMSA credential spec to use.
- type: string
- hostProcess:
- description: |-
- HostProcess determines if a container should be run as a 'Host Process' container.
- All of a Pod's containers must have the same effective HostProcess value
- (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
- In addition, if HostProcess is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: |-
- The UserName in Windows to run the entrypoint of the container process.
- Defaults to the user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: |-
- StartupProbe indicates that the Pod has successfully initialized.
- If specified, no other probes are executed until this completes successfully.
- If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
- This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
- when it might take a long time to load data or warm a cache, than during steady-state operation.
- This cannot be updated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: |-
- Command is the command line to execute inside the container, the working directory for the
- command is root ('/') in the container's filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
- a shell, you need to explicitly call out to that shell.
- Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: |-
- Minimum consecutive failures for the probe to be considered failed after having succeeded.
- Defaults to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving
- a GRPC port.
- properties:
- port:
- description: Port number of the gRPC service.
- Number must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: |-
- Service is the name of the service to place in the gRPC HealthCheckRequest
- (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
-
-
- If this is not specified, the default behavior is defined by gRPC.
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request
- to perform.
- properties:
- host:
- description: |-
- Host name to connect to, defaults to the pod IP. You probably want to set
- "Host" in httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the
- request. HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom
- header to be used in HTTP probes
- properties:
- name:
- description: |-
- The header field name.
- This will be canonicalized upon output, so case-variant names will be understood as the same header.
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP
- server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Name or number of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: |-
- Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: |-
- Number of seconds after the container has started before liveness probes are initiated.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- periodSeconds:
- description: |-
- How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: |-
- Minimum consecutive successes for the probe to be considered successful after having failed.
- Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving
- a TCP port.
- properties:
- host:
- description: 'Optional: Host name to connect
- to, defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: |-
- Number or name of the port to access on the container.
- Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: |-
- Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
- The grace period is the duration in seconds after the processes running in the pod are sent
- a termination signal and the time when the processes are forcibly halted with a kill signal.
- Set this value longer than the expected cleanup time for your process.
- If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
- value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates stop immediately via
- the kill signal (no opportunity to shut down).
- This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
- Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: |-
- Number of seconds after which the probe times out.
- Defaults to 1 second. Minimum value is 1.
- More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
- format: int32
- type: integer
- type: object
- stdin:
- description: |-
- Whether this container should allocate a buffer for stdin in the container runtime. If this
- is not set, reads from stdin in the container will always result in EOF.
- Default is false.
- type: boolean
- stdinOnce:
- description: |-
- Whether the container runtime should close the stdin channel after it has been opened by
- a single attach. When stdin is true the stdin stream will remain open across multiple attach
- sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
- first client attaches to stdin, and then remains open and accepts data until the client disconnects,
- at which time stdin is closed and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin will never receive an EOF.
- Default is false
- type: boolean
- terminationMessagePath:
- description: |-
- Optional: Path at which the file to which the container's termination message
- will be written is mounted into the container's filesystem.
- Message written is intended to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes. The total message length across
- all containers will be limited to 12kb.
- Defaults to /dev/termination-log.
- Cannot be updated.
- type: string
- terminationMessagePolicy:
- description: |-
- Indicate how the termination message should be populated. File will use the contents of
- terminationMessagePath to populate the container status message on both success and failure.
- FallbackToLogsOnError will use the last chunk of container log output if the termination
- message file is empty and the container exited with an error.
- The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
- Defaults to File.
- Cannot be updated.
- type: string
- tty:
- description: |-
- Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
- Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block
- devices to be used by the container.
- items:
- description: volumeDevice describes a mapping
- of a raw block device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside
- of the container that the device will be
- mapped to.
- type: string
- name:
- description: name must match the name of a
- persistentVolumeClaim in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: |-
- Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting
- of a Volume within a container.
- properties:
- mountPath:
- description: |-
- Path within the container at which the volume should be mounted. Must
- not contain ':'.
- type: string
- mountPropagation:
- description: |-
- mountPropagation determines how mounts are propagated from the host
- to container and the other way around.
- When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a
- Volume.
- type: string
- readOnly:
- description: |-
- Mounted read-only if true, read-write otherwise (false or unspecified).
- Defaults to false.
- type: boolean
- subPath:
- description: |-
- Path within the volume from which the container's volume should be mounted.
- Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: |-
- Expanded path within the volume from which the container's volume should be mounted.
- Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
- Defaults to "" (volume's root).
- SubPathExpr and SubPath are mutually exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: |-
- Container's working directory.
- If not specified, the container runtime's default will be used, which
- might be configured in the container image.
- Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector
- type: object
- restartPolicy:
- description: RestartPolicy
- type: string
- securityContext:
- description: PodSecurityContext
- properties:
- fsGroup:
- description: |-
- A special supplemental group that applies to all containers in a pod.
- Some volume types allow the Kubelet to change the ownership of that volume
- to be owned by the pod:
-
-
- 1. The owning GID will be the FSGroup
- 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
- 3. The permission bits are OR'd with rw-rw----
-
-
- If unset, the Kubelet will not modify the ownership and permissions of any volume.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- fsGroupChangePolicy:
- description: |-
- fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
- before being exposed inside Pod. This field will only apply to
- volume types which support fsGroup based ownership(and permissions).
- It will have no effect on ephemeral volume types such as: secret, configmaps
- and emptydir.
- Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
- Note that this field cannot be set when spec.os.name is windows.
- type: string
- runAsGroup:
- description: |-
- The GID to run the entrypoint of the container process.
- Uses runtime default if unset.
- May also be set in SecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence
- for that container.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: |-
- Indicates that the container must run as a non-root user.
- If true, the Kubelet will validate the image at runtime to ensure that it
- does not run as UID 0 (root) and fail to start the container if it does.
- If unset or false, no such validation will be performed.
- May also be set in SecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: |-
- The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in SecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence
- for that container.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: |-
- The SELinux context to be applied to all containers.
- If unspecified, the container runtime will allocate a random SELinux context for each
- container. May also be set in SecurityContext. If set in
- both SecurityContext and PodSecurityContext, the value specified in SecurityContext
- takes precedence for that container.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that
- applies to the container.
- type: string
- role:
- description: Role is a SELinux role label that
- applies to the container.
- type: string
- type:
- description: Type is a SELinux type label that
- applies to the container.
- type: string
- user:
- description: User is a SELinux user label that
- applies to the container.
- type: string
- type: object
- seccompProfile:
- description: |-
- The seccomp options to use by the containers in this pod.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- localhostProfile:
- description: |-
- localhostProfile indicates a profile defined in a file on the node should be used.
- The profile must be preconfigured on the node to work.
- Must be a descending path, relative to the kubelet's configured seccomp profile location.
- Must be set if type is "Localhost". Must NOT be set for any other type.
- type: string
- type:
- description: |-
- type indicates which kind of seccomp profile will be applied.
- Valid options are:
-
-
- Localhost - a profile defined in a file on the node should be used.
- RuntimeDefault - the container runtime default profile should be used.
- Unconfined - no profile should be applied.
- type: string
- required:
- - type
- type: object
- supplementalGroups:
- description: |-
- A list of groups applied to the first process run in each container, in addition
- to the container's primary GID, the fsGroup (if specified), and group memberships
- defined in the container image for the uid of the container process. If unspecified,
- no additional groups are added to any container. Note that group memberships
- defined in the container image for the uid of the container process are still effective,
- even if they are not included in this list.
- Note that this field cannot be set when spec.os.name is windows.
- items:
- format: int64
- type: integer
- type: array
- sysctls:
- description: |-
- Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
- sysctls (by the container runtime) might fail to launch.
- Note that this field cannot be set when spec.os.name is windows.
- items:
- description: Sysctl defines a kernel parameter to
- be set
- properties:
- name:
- description: Name of a property to set
- type: string
- value:
- description: Value of a property to set
- type: string
- required:
- - name
- - value
- type: object
- type: array
- windowsOptions:
- description: |-
- The Windows specific settings applied to all containers.
- If unspecified, the options within a container's SecurityContext will be used.
- If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: |-
- GMSACredentialSpec is where the GMSA admission webhook
- (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- GMSA credential spec named by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name
- of the GMSA credential spec to use.
- type: string
- hostProcess:
- description: |-
- HostProcess determines if a container should be run as a 'Host Process' container.
- All of a Pod's containers must have the same effective HostProcess value
- (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
- In addition, if HostProcess is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: |-
- The UserName in Windows to run the entrypoint of the container process.
- Defaults to the user specified in image metadata if unspecified.
- May also be set in PodSecurityContext. If set in both SecurityContext and
- PodSecurityContext, the value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- terminationGracePeriodSeconds:
- description: TerminationGracePeriodSeconds
- format: int64
- type: integer
- topologySpreadConstraints:
- description: TopologySpreadConstraints
- items:
- description: TopologySpreadConstraint specifies how
- to spread matching pods among the given topology.
- properties:
- labelSelector:
- description: |-
- LabelSelector is used to find matching pods.
- Pods that match this label selector are counted to determine the number of pods
- in their corresponding topology domain.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: |-
- A label selector requirement is a selector that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: |-
- operator represents a key's relationship to a set of values.
- Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: |-
- values is an array of string values. If the operator is In or NotIn,
- the values array must be non-empty. If the operator is Exists or DoesNotExist,
- the values array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- matchLabelKeys:
- description: |-
- MatchLabelKeys is a set of pod label keys to select the pods over which
- spreading will be calculated. The keys are used to lookup values from the
- incoming pod labels, those key-value labels are ANDed with labelSelector
- to select the group of existing pods over which spreading will be calculated
- for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
- MatchLabelKeys cannot be set when LabelSelector isn't set.
- Keys that don't exist in the incoming pod labels will
- be ignored. A null or empty list means only match against labelSelector.
-
-
- This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
- items:
- type: string
- type: array
- x-kubernetes-list-type: atomic
- maxSkew:
- description: |-
- MaxSkew describes the degree to which pods may be unevenly distributed.
- When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
- between the number of matching pods in the target topology and the global minimum.
- The global minimum is the minimum number of matching pods in an eligible domain
- or zero if the number of eligible domains is less than MinDomains.
- For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
- labelSelector spread as 2/2/1:
- In this case, the global minimum is 1.
- | zone1 | zone2 | zone3 |
- | P P | P P | P |
- - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
- scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
- violate MaxSkew(1).
- - if MaxSkew is 2, incoming pod can be scheduled onto any zone.
- When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
- to topologies that satisfy it.
- It's a required field. Default value is 1 and 0 is not allowed.
- format: int32
- type: integer
- minDomains:
- description: |-
- MinDomains indicates a minimum number of eligible domains.
- When the number of eligible domains with matching topology keys is less than minDomains,
- Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
- And when the number of eligible domains with matching topology keys equals or greater than minDomains,
- this value has no effect on scheduling.
- As a result, when the number of eligible domains is less than minDomains,
- scheduler won't schedule more than maxSkew Pods to those domains.
- If value is nil, the constraint behaves as if MinDomains is equal to 1.
- Valid values are integers greater than 0.
- When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
-
-
- For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
- labelSelector spread as 2/2/2:
- | zone1 | zone2 | zone3 |
- | P P | P P | P P |
- The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
- In this situation, new pod with the same labelSelector cannot be scheduled,
- because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
- it will violate MaxSkew.
-
-
- This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
- format: int32
- type: integer
- nodeAffinityPolicy:
- description: |-
- NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
- when calculating pod topology spread skew. Options are:
- - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
- - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
-
-
- If this value is nil, the behavior is equivalent to the Honor policy.
- This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- type: string
- nodeTaintsPolicy:
- description: |-
- NodeTaintsPolicy indicates how we will treat node taints when calculating
- pod topology spread skew. Options are:
- - Honor: nodes without taints, along with tainted nodes for which the incoming pod
- has a toleration, are included.
- - Ignore: node taints are ignored. All nodes are included.
-
-
- If this value is nil, the behavior is equivalent to the Ignore policy.
- This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- type: string
- topologyKey:
- description: |-
- TopologyKey is the key of node labels. Nodes that have a label with this key
- and identical values are considered to be in the same topology.
- We consider each as a "bucket", and try to put balanced number
- of pods into each bucket.
- We define a domain as a particular instance of a topology.
- Also, we define an eligible domain as a domain whose nodes meet the requirements of
- nodeAffinityPolicy and nodeTaintsPolicy.
- e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
- And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
- It's a required field.
- type: string
- whenUnsatisfiable:
- description: |-
- WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
- the spread constraint.
- - DoNotSchedule (default) tells the scheduler not to schedule it.
- - ScheduleAnyway tells the scheduler to schedule the pod in any location,
- but giving higher precedence to topologies that would help reduce the
- skew.
- A constraint is considered "Unsatisfiable" for an incoming pod
- if and only if every possible node assignment for that pod would violate
- "MaxSkew" on some topology.
- For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
- labelSelector spread as 3/1/1:
- | zone1 | zone2 | zone3 |
- | P P P | P | P |
- If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
- to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
- MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
- won't make it *more* imbalanced.
- It's a required field.
- type: string
- required:
- - maxSkew
- - topologyKey
- - whenUnsatisfiable
- type: object
- type: array
- volumes:
- description: Volumes
- items:
- description: Volume represents a named volume in a pod
- that may be accessed by any container in the pod.
- properties:
- awsElasticBlockStore:
- description: |-
- awsElasticBlockStore represents an AWS Disk resource that is attached to a
- kubelet's host machine and then exposed to the pod.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- properties:
- fsType:
- description: |-
- fsType is the filesystem type of the volume that you want to mount.
- Tip: Ensure that the filesystem type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- partition:
- description: |-
- partition is the partition in the volume that you want to mount.
- If omitted, the default is to mount by volume name.
- Examples: For volume /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
- format: int32
- type: integer
- readOnly:
- description: |-
- readOnly value true will force the readOnly setting in VolumeMounts.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- type: boolean
- volumeID:
- description: |-
- volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: azureDisk represents an Azure Data
- Disk mount on the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'cachingMode is the Host Caching
- mode: None, Read Only, Read Write.'
- type: string
- diskName:
- description: diskName is the Name of the data
- disk in the blob storage
- type: string
- diskURI:
- description: diskURI is the URI of data disk
- in the blob storage
- type: string
- fsType:
- description: |-
- fsType is Filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- kind:
- description: 'kind expected values are Shared:
- multiple blob disks per storage account Dedicated:
- single blob disk per storage account Managed:
- azure managed data disk (only in managed availability
- set). defaults to shared'
- type: string
- readOnly:
- description: |-
- readOnly Defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: azureFile represents an Azure File
- Service mount on the host and bind mount to the
- pod.
- properties:
- readOnly:
- description: |-
- readOnly defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: secretName is the name of secret
- that contains Azure Storage Account Name and
- Key
- type: string
- shareName:
- description: shareName is the azure share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: cephFS represents a Ceph FS mount on
- the host that shares a pod's lifetime
- properties:
- monitors:
- description: |-
- monitors is Required: Monitors is a collection of Ceph monitors
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- items:
- type: string
- type: array
- path:
- description: 'path is Optional: Used as the
- mounted root, rather than the full Ceph tree,
- default is /'
- type: string
- readOnly:
- description: |-
- readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- type: boolean
- secretFile:
- description: |-
- secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- type: string
- secretRef:
- description: |-
- secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: |-
- user is optional: User is the rados user name, default is admin
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: |-
- cinder represents a cinder volume attached and mounted on kubelets host machine.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- type: string
- readOnly:
- description: |-
- readOnly defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- type: boolean
- secretRef:
- description: |-
- secretRef is optional: points to a secret object containing parameters used to connect
- to OpenStack.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: |-
- volumeID used to identify the volume in cinder.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: configMap represents a configMap that
- should populate this volume
- properties:
- defaultMode:
- description: |-
- defaultMode is optional: mode bits used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- Defaults to 0644.
- Directories within the path are not affected by this setting.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- items:
- description: |-
- items if unspecified, each key-value pair in the Data field of the referenced
- ConfigMap will be projected into the volume as a file whose name is the
- key and content is the value. If specified, the listed keys will be
- projected into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked optional. Paths must be
- relative and may not contain the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: |-
- mode is Optional: mode bits used to set permissions on this file.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: |-
- path is the relative path of the file to map the key to.
- May not be an absolute path.
- May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: optional specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: csi (Container Storage Interface) represents
- ephemeral storage that is handled by certain external
- CSI drivers (Beta feature).
- properties:
- driver:
- description: |-
- driver is the name of the CSI driver that handles this volume.
- Consult with your admin for the correct name as registered in the cluster.
- type: string
- fsType:
- description: |-
- fsType to mount. Ex. "ext4", "xfs", "ntfs".
- If not provided, the empty value is passed to the associated CSI driver
- which will determine the default filesystem to apply.
- type: string
- nodePublishSecretRef:
- description: |-
- nodePublishSecretRef is a reference to the secret object containing
- sensitive information to pass to the CSI driver to complete the CSI
- NodePublishVolume and NodeUnpublishVolume calls.
- This field is optional, and may be empty if no secret is required. If the
- secret object contains more than one secret, all secret references are passed.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: |-
- readOnly specifies a read-only configuration for the volume.
- Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: |-
- volumeAttributes stores driver-specific properties that are passed to the CSI
- driver. Consult your driver's documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: downwardAPI represents downward API
- about the pod that should populate this volume
- properties:
- defaultMode:
- description: |-
- Optional: mode bits to use on created files by default. Must be a
- Optional: mode bits used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- Defaults to 0644.
- Directories within the path are not affected by this setting.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- items:
- description: Items is a list of downward API
- volume file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field
- of the pod: only annotations, labels,
- name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema
- the FieldPath is written in terms
- of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to
- select in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: |-
- Optional: mode bits used to set permissions on this file, must be an octal value
- between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created.
- Must not be absolute or contain the
- ''..'' path. Must be utf-8 encoded.
- The first item of the relative path
- must not start with ''..'''
- type: string
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output
- format of the exposed resources,
- defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: |-
- emptyDir represents a temporary directory that shares a pod's lifetime.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
- properties:
- medium:
- description: |-
- medium represents what type of storage medium should back this directory.
- The default is "" which means to use the node's default medium.
- Must be an empty string (default) or Memory.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: |-
- sizeLimit is the total amount of local storage required for this EmptyDir volume.
- The size limit is also applicable for memory medium.
- The maximum usage on memory medium EmptyDir would be the minimum value between
- the SizeLimit specified here and the sum of memory limits of all containers in a pod.
- The default is nil which means that the limit is undefined.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: |-
- ephemeral represents a volume that is handled by a cluster storage driver.
- The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
- and deleted when the pod is removed.
-
-
- Use this if:
- a) the volume is only needed while the pod runs,
- b) features of normal volumes like restoring from snapshot or capacity
- tracking are needed,
- c) the storage driver is specified through a storage class, and
- d) the storage driver supports dynamic volume provisioning through
- a PersistentVolumeClaim (see EphemeralVolumeSource for more
- information on the connection between this volume type
- and PersistentVolumeClaim).
-
-
- Use PersistentVolumeClaim or one of the vendor-specific
- APIs for volumes that persist for longer than the lifecycle
- of an individual pod.
-
-
- Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
- be used that way - see the documentation of the driver for
- more information.
-
-
- A pod can use both types of ephemeral volumes and
- persistent volumes at the same time.
- properties:
- volumeClaimTemplate:
- description: |-
- Will be used to create a stand-alone PVC to provision the volume.
- The pod in which this EphemeralVolumeSource is embedded will be the
- owner of the PVC, i.e. the PVC will be deleted together with the
- pod. The name of the PVC will be `-` where
- `` is the name from the `PodSpec.Volumes` array
- entry. Pod validation will reject the pod if the concatenated name
- is not valid for a PVC (for example, too long).
-
-
- An existing PVC with that name that is not owned by the pod
- will *not* be used for the pod to avoid using an unrelated
- volume by mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created PVC is
- meant to be used by the pod, the PVC has to updated with an
- owner reference to the pod once the pod exists. Normally
- this should not be necessary, but it may be useful when
- manually reconstructing a broken cluster.
-
-
- This field is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created.
-
-
- Required, must not be nil.
- properties:
- metadata:
- description: |-
- May contain labels and annotations that will be copied into the PVC
- when creating it. No other fields are allowed and will be rejected during
- validation.
- type: object
- spec:
- description: |-
- The specification for the PersistentVolumeClaim. The entire content is
- copied unchanged into the PVC that gets created from this
- template. The same fields as in a PersistentVolumeClaim
- are also valid here.
- properties:
- accessModes:
- description: |-
- accessModes contains the desired access modes the volume should have.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
- items:
- type: string
- type: array
- dataSource:
- description: |-
- dataSource field can be used to specify either:
- * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim)
- If the provisioner or an external controller can support the specified data source,
- it will create a new volume based on the contents of the specified data source.
- When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
- and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
- If the namespace is specified, then dataSourceRef will not be copied to dataSource.
- properties:
- apiGroup:
- description: |-
- APIGroup is the group for the resource being referenced.
- If APIGroup is not specified, the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of
- resource being referenced
- type: string
- name:
- description: Name is the name of
- resource being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: |-
- dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
- volume is desired. This may be any object from a non-empty API group (non
- core object) or a PersistentVolumeClaim object.
- When this field is specified, volume binding will only succeed if the type of
- the specified object matches some installed volume populator or dynamic
- provisioner.
- This field will replace the functionality of the dataSource field and as such
- if both fields are non-empty, they must have the same value. For backwards
- compatibility, when namespace isn't specified in dataSourceRef,
- both fields (dataSource and dataSourceRef) will be set to the same
- value automatically if one of them is empty and the other is non-empty.
- When namespace is specified in dataSourceRef,
- dataSource isn't set to the same value and must be empty.
- There are three important differences between dataSource and dataSourceRef:
- * While dataSource only allows two specific types of objects, dataSourceRef
- allows any non-core object, as well as PersistentVolumeClaim objects.
- * While dataSource ignores disallowed values (dropping them), dataSourceRef
- preserves all values, and generates an error if a disallowed value is
- specified.
- * While dataSource only allows local objects, dataSourceRef allows objects
- in any namespaces.
- (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
- (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
- properties:
- apiGroup:
- description: |-
- APIGroup is the group for the resource being referenced.
- If APIGroup is not specified, the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of
- resource being referenced
- type: string
- name:
- description: Name is the name of
- resource being referenced
- type: string
- namespace:
- description: |-
- Namespace is the namespace of resource being referenced
- Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
- (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
- type: string
- required:
- - kind
- - name
- type: object
- resources:
- description: |-
- resources represents the minimum resources the volume should have.
- If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
- that are lower than previous value but must still be higher than capacity recorded in the
- status field of the claim.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Limits describes the maximum amount of compute resources allowed.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Requests describes the minimum amount of compute resources required.
- If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. Requests cannot exceed Limits.
- More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- type: object
- type: object
- selector:
- description: selector is a label query
- over volumes to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is
- a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: |-
- A label selector requirement is a selector that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label
- key that the selector applies
- to.
- type: string
- operator:
- description: |-
- operator represents a key's relationship to a set of values.
- Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: |-
- values is an array of string values. If the operator is In or NotIn,
- the values array must be non-empty. If the operator is Exists or DoesNotExist,
- the values array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: |-
- storageClassName is the name of the StorageClass required by the claim.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
- type: string
- volumeAttributesClassName:
- description: |-
- volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
- If specified, the CSI driver will create or update the volume with the attributes defined
- in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
- it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
- will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
- If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
- will be set by the persistentvolume controller if it exists.
- If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
- set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
- exists.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
- (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
- type: string
- volumeMode:
- description: |-
- volumeMode defines what type of volume is required by the claim.
- Value of Filesystem is implied when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding
- reference to the PersistentVolume
- backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: fc represents a Fibre Channel resource
- that is attached to a kubelet's host machine and
- then exposed to the pod.
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- lun:
- description: 'lun is Optional: FC target lun
- number'
- format: int32
- type: integer
- readOnly:
- description: |-
- readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- targetWWNs:
- description: 'targetWWNs is Optional: FC target
- worldwide names (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: |-
- wwids Optional: FC volume world wide identifiers (wwids)
- Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: |-
- flexVolume represents a generic volume resource that is
- provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: driver is the name of the driver
- to use for this volume.
- type: string
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'options is Optional: this field
- holds extra command options if any.'
- type: object
- readOnly:
- description: |-
- readOnly is Optional: defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: |-
- secretRef is Optional: secretRef is reference to the secret object containing
- sensitive information to pass to the plugin scripts. This may be
- empty if no secret object is specified. If the secret object
- contains more than one secret, all secrets are passed to the plugin
- scripts.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: flocker represents a Flocker volume
- attached to a kubelet's host machine. This depends
- on the Flocker control service being running
- properties:
- datasetName:
- description: |-
- datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
- should be considered as deprecated
- type: string
- datasetUUID:
- description: datasetUUID is the UUID of the
- dataset. This is unique identifier of a Flocker
- dataset
- type: string
- type: object
- gcePersistentDisk:
- description: |-
- gcePersistentDisk represents a GCE Disk resource that is attached to a
- kubelet's host machine and then exposed to the pod.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- properties:
- fsType:
- description: |-
- fsType is filesystem type of the volume that you want to mount.
- Tip: Ensure that the filesystem type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- partition:
- description: |-
- partition is the partition in the volume that you want to mount.
- If omitted, the default is to mount by volume name.
- Examples: For volume /dev/sda1, you specify the partition as "1".
- Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- format: int32
- type: integer
- pdName:
- description: |-
- pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- type: string
- readOnly:
- description: |-
- readOnly here will force the ReadOnly setting in VolumeMounts.
- Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: |-
- gitRepo represents a git repository at a particular revision.
- DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
- EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
- into the Pod's container.
- properties:
- directory:
- description: |-
- directory is the target directory name.
- Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
- git repository. Otherwise, if specified, the volume will contain the git repository in
- the subdirectory with the given name.
- type: string
- repository:
- description: repository is the URL
- type: string
- revision:
- description: revision is the commit hash for
- the specified revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: |-
- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md
- properties:
- endpoints:
- description: |-
- endpoints is the endpoint name that details Glusterfs topology.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- type: string
- path:
- description: |-
- path is the Glusterfs volume path.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- type: string
- readOnly:
- description: |-
- readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
- Defaults to false.
- More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: |-
- hostPath represents a pre-existing file or directory on the host
- machine that is directly exposed to the container. This is generally
- used for system agents or other privileged things that are allowed
- to see the host machine. Most containers will NOT need this.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- ---
- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
- mount host directories as read/write.
- properties:
- path:
- description: |-
- path of the directory on the host.
- If the path is a symlink, it will follow the link to the real path.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- type: string
- type:
- description: |-
- type for HostPath Volume
- Defaults to ""
- More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- type: string
- required:
- - path
- type: object
- iscsi:
- description: |-
- iscsi represents an ISCSI Disk resource that is attached to a
- kubelet's host machine and then exposed to the pod.
- More info: https://examples.k8s.io/volumes/iscsi/README.md
- properties:
- chapAuthDiscovery:
- description: chapAuthDiscovery defines whether
- support iSCSI Discovery CHAP authentication
- type: boolean
- chapAuthSession:
- description: chapAuthSession defines whether
- support iSCSI Session CHAP authentication
- type: boolean
- fsType:
- description: |-
- fsType is the filesystem type of the volume that you want to mount.
- Tip: Ensure that the filesystem type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- initiatorName:
- description: |-
- initiatorName is the custom iSCSI Initiator Name.
- If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
- : will be created for the connection.
- type: string
- iqn:
- description: iqn is the target iSCSI Qualified
- Name.
- type: string
- iscsiInterface:
- description: |-
- iscsiInterface is the interface Name that uses an iSCSI transport.
- Defaults to 'default' (tcp).
- type: string
- lun:
- description: lun represents iSCSI Target Lun
- number.
- format: int32
- type: integer
- portals:
- description: |-
- portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: |-
- readOnly here will force the ReadOnly setting in VolumeMounts.
- Defaults to false.
- type: boolean
- secretRef:
- description: secretRef is the CHAP Secret for
- iSCSI target and initiator authentication
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: |-
- targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
- is other than default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- name:
- description: |-
- name of the volume.
- Must be a DNS_LABEL and unique within the pod.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- type: string
- nfs:
- description: |-
- nfs represents an NFS mount on the host that shares a pod's lifetime
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- properties:
- path:
- description: |-
- path that is exported by the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- type: string
- readOnly:
- description: |-
- readOnly here will force the NFS export to be mounted with read-only permissions.
- Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- type: boolean
- server:
- description: |-
- server is the hostname or IP address of the NFS server.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: |-
- persistentVolumeClaimVolumeSource represents a reference to a
- PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- properties:
- claimName:
- description: |-
- claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- type: string
- readOnly:
- description: |-
- readOnly Will force the ReadOnly setting in VolumeMounts.
- Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: photonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets
- host machine
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- pdID:
- description: pdID is the ID that identifies
- Photon Controller persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: portworxVolume represents a portworx
- volume attached and mounted on kubelets host machine
- properties:
- fsType:
- description: |-
- fSType represents the filesystem type to mount
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: |-
- readOnly defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: volumeID uniquely identifies a
- Portworx volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: projected items for all in one resources
- secrets, configmaps, and downward API
- properties:
- defaultMode:
- description: |-
- defaultMode are the mode bits used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- Directories within the path are not affected by this setting.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: sources is the list of volume projections
- items:
- description: Projection that may be projected
- along with other supported volume types
- properties:
- clusterTrustBundle:
- description: |-
- ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
- of ClusterTrustBundle objects in an auto-updating file.
-
-
- Alpha, gated by the ClusterTrustBundleProjection feature gate.
-
-
- ClusterTrustBundle objects can either be selected by name, or by the
- combination of signer name and a label selector.
-
-
- Kubelet performs aggressive normalization of the PEM contents written
- into the pod filesystem. Esoteric PEM features such as inter-block
- comments and block headers are stripped. Certificates are deduplicated.
- The ordering of certificates within the file is arbitrary, and Kubelet
- may change the order over time.
- properties:
- labelSelector:
- description: |-
- Select all ClusterTrustBundles that match this label selector. Only has
- effect if signerName is set. Mutually-exclusive with name. If unset,
- interpreted as "match nothing". If set but empty, interpreted as "match
- everything".
- properties:
- matchExpressions:
- description: matchExpressions
- is a list of label selector
- requirements. The requirements
- are ANDed.
- items:
- description: |-
- A label selector requirement is a selector that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the
- label key that the selector
- applies to.
- type: string
- operator:
- description: |-
- operator represents a key's relationship to a set of values.
- Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: |-
- values is an array of string values. If the operator is In or NotIn,
- the values array must be non-empty. If the operator is Exists or DoesNotExist,
- the values array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- name:
- description: |-
- Select a single ClusterTrustBundle by object name. Mutually-exclusive
- with signerName and labelSelector.
- type: string
- optional:
- description: |-
- If true, don't block pod startup if the referenced ClusterTrustBundle(s)
- aren't available. If using name, then the named ClusterTrustBundle is
- allowed not to exist. If using signerName, then the combination of
- signerName and labelSelector is allowed to match zero
- ClusterTrustBundles.
- type: boolean
- path:
- description: Relative path from the
- volume root to write the bundle.
- type: string
- signerName:
- description: |-
- Select all ClusterTrustBundles that match this signer name.
- Mutually-exclusive with name. The contents of all selected
- ClusterTrustBundles will be unified and deduplicated.
- type: string
- required:
- - path
- type: object
- configMap:
- description: configMap information about
- the configMap data to project
- properties:
- items:
- description: |-
- items if unspecified, each key-value pair in the Data field of the referenced
- ConfigMap will be projected into the volume as a file whose name is the
- key and content is the value. If specified, the listed keys will be
- projected into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in the ConfigMap,
- the volume setup will error unless it is marked optional. Paths must be
- relative and may not contain the '..' path or start with '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: key is the key
- to project.
- type: string
- mode:
- description: |-
- mode is Optional: mode bits used to set permissions on this file.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: |-
- path is the relative path of the file to map the key to.
- May not be an absolute path.
- May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: optional specify whether
- the ConfigMap or its keys must be
- defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: downwardAPI information about
- the downwardAPI data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile
- represents information to create
- the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects
- a field of the pod: only annotations,
- labels, name and namespace
- are supported.'
- properties:
- apiVersion:
- description: Version of
- the schema the FieldPath
- is written in terms of,
- defaults to "v1".
- type: string
- fieldPath:
- description: Path of the
- field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: |-
- Optional: mode bits used to set permissions on this file, must be an octal value
- between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: 'Required: Path
- is the relative path name
- of the file to be created.
- Must not be absolute or contain
- the ''..'' path. Must be utf-8
- encoded. The first item of
- the relative path must not
- start with ''..'''
- type: string
- resourceFieldRef:
- description: |-
- Selects a resource of the container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
- properties:
- containerName:
- description: 'Container
- name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the
- output format of the exposed
- resources, defaults to
- "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required:
- resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: secret information about
- the secret data to project
- properties:
- items:
- description: |-
- items if unspecified, each key-value pair in the Data field of the referenced
- Secret will be projected into the volume as a file whose name is the
- key and content is the value. If specified, the listed keys will be
- projected into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked optional. Paths must be
- relative and may not contain the '..' path or start with '..'.
- items:
- description: Maps a string key to
- a path within a volume.
- properties:
- key:
- description: key is the key
- to project.
- type: string
- mode:
- description: |-
- mode is Optional: mode bits used to set permissions on this file.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: |-
- path is the relative path of the file to map the key to.
- May not be an absolute path.
- May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- optional:
- description: optional field specify
- whether the Secret or its key must
- be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: serviceAccountToken is information
- about the serviceAccountToken data to
- project
- properties:
- audience:
- description: |-
- audience is the intended audience of the token. A recipient of a token
- must identify itself with an identifier specified in the audience of the
- token, and otherwise should reject the token. The audience defaults to the
- identifier of the apiserver.
- type: string
- expirationSeconds:
- description: |-
- expirationSeconds is the requested duration of validity of the service
- account token. As the token approaches expiration, the kubelet volume
- plugin will proactively rotate the service account token. The kubelet will
- start trying to rotate the token if the token is older than 80 percent of
- its time to live or if the token is older than 24 hours.Defaults to 1 hour
- and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: |-
- path is the path relative to the mount point of the file to project the
- token into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: quobyte represents a Quobyte mount
- on the host that shares a pod's lifetime
- properties:
- group:
- description: |-
- group to map volume access to
- Default is no group
- type: string
- readOnly:
- description: |-
- readOnly here will force the Quobyte volume to be mounted with read-only permissions.
- Defaults to false.
- type: boolean
- registry:
- description: |-
- registry represents a single or multiple Quobyte Registry services
- specified as a string as host:port pair (multiple entries are separated with commas)
- which acts as the central registry for volumes
- type: string
- tenant:
- description: |-
- tenant owning the given Quobyte volume in the Backend
- Used with dynamically provisioned Quobyte volumes, value is set by the plugin
- type: string
- user:
- description: |-
- user to map volume access to
- Defaults to serivceaccount user
- type: string
- volume:
- description: volume is a string that references
- an already created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: |-
- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
- More info: https://examples.k8s.io/volumes/rbd/README.md
- properties:
- fsType:
- description: |-
- fsType is the filesystem type of the volume that you want to mount.
- Tip: Ensure that the filesystem type is supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem from compromising the machine
- type: string
- image:
- description: |-
- image is the rados image name.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: string
- keyring:
- description: |-
- keyring is the path to key ring for RBDUser.
- Default is /etc/ceph/keyring.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: string
- monitors:
- description: |-
- monitors is a collection of Ceph monitors.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- items:
- type: string
- type: array
- pool:
- description: |-
- pool is the rados pool name.
- Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: string
- readOnly:
- description: |-
- readOnly here will force the ReadOnly setting in VolumeMounts.
- Defaults to false.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: boolean
- secretRef:
- description: |-
- secretRef is name of the authentication secret for RBDUser. If provided
- overrides keyring.
- Default is nil.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: |-
- user is the rados user name.
- Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: scaleIO represents a ScaleIO persistent
- volume attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs".
- Default is "xfs".
- type: string
- gateway:
- description: gateway is the host address of
- the ScaleIO API Gateway.
- type: string
- protectionDomain:
- description: protectionDomain is the name of
- the ScaleIO Protection Domain for the configured
- storage.
- type: string
- readOnly:
- description: |-
- readOnly Defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: |-
- secretRef references to the secret for ScaleIO user and other
- sensitive information. If this is not provided, Login operation will fail.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: sslEnabled Flag enable/disable
- SSL communication with Gateway, default false
- type: boolean
- storageMode:
- description: |-
- storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: storagePool is the ScaleIO Storage
- Pool associated with the protection domain.
- type: string
- system:
- description: system is the name of the storage
- system as configured in ScaleIO.
- type: string
- volumeName:
- description: |-
- volumeName is the name of a volume already created in the ScaleIO system
- that is associated with this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: |-
- secret represents a secret that should populate this volume.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
- properties:
- defaultMode:
- description: |-
- defaultMode is Optional: mode bits used to set permissions on created files by default.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values
- for mode bits. Defaults to 0644.
- Directories within the path are not affected by this setting.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- items:
- description: |-
- items If unspecified, each key-value pair in the Data field of the referenced
- Secret will be projected into the volume as a file whose name is the
- key and content is the value. If specified, the listed keys will be
- projected into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in the Secret,
- the volume setup will error unless it is marked optional. Paths must be
- relative and may not contain the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: |-
- mode is Optional: mode bits used to set permissions on this file.
- Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
- YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
- If not specified, the volume defaultMode will be used.
- This might be in conflict with other options that affect the file
- mode, like fsGroup, and the result can be other mode bits set.
- format: int32
- type: integer
- path:
- description: |-
- path is the relative path of the file to map the key to.
- May not be an absolute path.
- May not contain the path element '..'.
- May not start with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: optional field specify whether
- the Secret or its keys must be defined
- type: boolean
- secretName:
- description: |-
- secretName is the name of the secret in the pod's namespace to use.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
- type: string
- type: object
- storageos:
- description: storageOS represents a StorageOS volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: |-
- fsType is the filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- readOnly:
- description: |-
- readOnly defaults to false (read/write). ReadOnly here will force
- the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: |-
- secretRef specifies the secret to use for obtaining the StorageOS API
- credentials. If not specified, default values will be attempted.
- properties:
- name:
- description: |-
- Name of the referent.
- More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: |-
- volumeName is the human-readable name of the StorageOS volume. Volume
- names are only unique within a namespace.
- type: string
- volumeNamespace:
- description: |-
- volumeNamespace specifies the scope of the volume within StorageOS. If no
- namespace is specified then the Pod's namespace will be used. This allows the
- Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
- Set VolumeName to any name to override the default behaviour.
- Set to "default" if you are not using namespaces within StorageOS.
- Namespaces that do not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: vsphereVolume represents a vSphere
- volume attached and mounted on kubelets host machine
- properties:
- fsType:
- description: |-
- fsType is filesystem type to mount.
- Must be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- type: string
- storagePolicyID:
- description: storagePolicyID is the storage
- Policy Based Management (SPBM) profile ID
- associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: storagePolicyName is the storage
- Policy Based Management (SPBM) profile name.
- type: string
- volumePath:
- description: volumePath is the path that identifies
- vSphere volume vmdk
- type: string
- required:
- - volumePath
- type: object
- required:
- - name
- type: object
- type: array
- required:
- - containers
- type: object
- type: object
- traits:
- description: the traits needed to run this Integration
- properties:
- 3scale:
- description: 'Deprecated: for backward compatibility.'
- properties:
- configuration:
- description: TraitConfiguration parameters configuration
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required:
- - configuration
- type: object
- addons:
- additionalProperties:
- description: AddonTrait represents the configuration of
- an addon trait.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- description: The extension point with addon traits
- type: object
- affinity:
- description: The configuration of Affinity trait
- properties:
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: Can be used to enable or disable a trait.
- All traits share this common property.
- type: boolean
- nodeAffinityLabels:
- description: Defines a set of nodes the integration pod(s)
- are eligible to be scheduled on, based on labels on
- the node.
- items:
- type: string
- type: array
- podAffinity:
- description: Always co-locates multiple replicas of the
- integration in the same node (default `false`).
- type: boolean
- podAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should be co-located with.
- items:
- type: string
- type: array
- podAntiAffinity:
- description: Never co-locates multiple replicas of the
- integration in the same node (default `false`).
- type: boolean
- podAntiAffinityLabels:
- description: |-
- Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
- integration pod(s) should not be co-located with.
- items:
- type: string
- type: array
- type: object
- builder:
- description: The configuration of Builder trait
- properties:
- annotations:
- additionalProperties:
- type: string
- description: When using `pod` strategy, annotation to
- use for the builder pod.
- type: object
- baseImage:
- description: |-
- Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
- installed and ready to use on path (ie `/usr/bin/java`).
- type: string
- configuration:
- description: |-
- Legacy trait configuration parameters.
- Deprecated: for backward compatibility.
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enabled:
- description: 'Deprecated: no longer in use.'
- type: boolean
- incrementalImageBuild:
- description: Use the incremental image build option, to
- reuse existing containers (default `true`)
- type: boolean
- limitCPU:
- description: |-
- When using `pod` strategy, the maximum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- limitMemory:
- description: |-
- When using `pod` strategy, the maximum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- mavenProfiles:
- description: |-
- A list of references pointing to configmaps/secrets that contains a maven profile.
- This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
- The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.
- Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
- items:
- type: string
- type: array
- nodeSelector:
- additionalProperties:
- type: string
- description: Defines a set of nodes the builder pod is
- eligible to be scheduled on, based on labels on the
- node.
- type: object
- orderStrategy:
- description: The build order strategy to use, either `dependencies`,
- `fifo` or `sequential` (default is the platform default)
- enum:
- - dependencies
- - fifo
- - sequential
- type: string
- platforms:
- description: The list of manifest platforms to use to
- build a container image (default `linux/amd64`).
- items:
- type: string
- type: array
- properties:
- description: A list of properties to be provided to the
- build task
- items:
- type: string
- type: array
- requestCPU:
- description: |-
- When using `pod` strategy, the minimum amount of CPU required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- requestMemory:
- description: |-
- When using `pod` strategy, the minimum amount of memory required by the pod builder.
- Deprecated: use TasksRequestCPU instead with task name `builder`.
- type: string
- strategy:
- description: The strategy to use, either `pod` or `routine`
- (default `routine`)
- enum:
- - pod
- - routine
- type: string
- tasks:
- description: A list of tasks to be executed (available
- only when using `pod` strategy) with format `;;`.
- items:
- type: string
- type: array
- tasksFilter:
- description: |-
- A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.
- Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
- if you need to execute them. Useful only with `pod` strategy.
- type: string
- tasksLimitCPU:
- description: A list of limit cpu configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- tasksLimitMemory:
- description: A list of limit memory configuration for
- the specific task with format `:`.
- items:
- type: string
- type: array
- tasksRequestCPU:
- description: A list of request cpu configuration for the
- specific task with format `:`.
- items:
- type: string
- type: array
- tasksRequestMemory:
- description: A list of request memory configuration for
- the specific task with format `