1/* 2Copyright 2015 The Kubernetes Authors. 3 4Licensed under the Apache License, Version 2.0 (the "License"); 5you may not use this file except in compliance with the License. 6You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10Unless required by applicable law or agreed to in writing, software 11distributed under the License is distributed on an "AS IS" BASIS, 12WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13See the License for the specific language governing permissions and 14limitations under the License. 15*/ 16 17package v1 18 19import ( 20 "k8s.io/apimachinery/pkg/api/resource" 21 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 "k8s.io/apimachinery/pkg/types" 23 "k8s.io/apimachinery/pkg/util/intstr" 24) 25 26const ( 27 // NamespaceDefault means the object is in the default namespace which is applied when not specified by clients 28 NamespaceDefault string = "default" 29 // NamespaceAll is the default argument to specify on a context when you want to list or filter resources across all namespaces 30 NamespaceAll string = "" 31 // NamespaceNodeLease is the namespace where we place node lease objects (used for node heartbeats) 32 NamespaceNodeLease string = "kube-node-lease" 33 // TopologyKeyAny is the service topology key that matches any node 34 TopologyKeyAny string = "*" 35) 36 37// Volume represents a named volume in a pod that may be accessed by any container in the pod. 38type Volume struct { 39 // Volume's name. 40 // Must be a DNS_LABEL and unique within the pod. 41 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 42 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 43 // VolumeSource represents the location and type of the mounted volume. 44 // If not specified, the Volume is implied to be an EmptyDir. 45 // This implied behavior is deprecated and will be removed in a future version. 46 VolumeSource `json:",inline" protobuf:"bytes,2,opt,name=volumeSource"` 47} 48 49// Represents the source of a volume to mount. 50// Only one of its members may be specified. 51type VolumeSource struct { 52 // HostPath represents a pre-existing file or directory on the host 53 // machine that is directly exposed to the container. This is generally 54 // used for system agents or other privileged things that are allowed 55 // to see the host machine. Most containers will NOT need this. 56 // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 57 // --- 58 // TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not 59 // mount host directories as read/write. 60 // +optional 61 HostPath *HostPathVolumeSource `json:"hostPath,omitempty" protobuf:"bytes,1,opt,name=hostPath"` 62 // EmptyDir represents a temporary directory that shares a pod's lifetime. 63 // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir 64 // +optional 65 EmptyDir *EmptyDirVolumeSource `json:"emptyDir,omitempty" protobuf:"bytes,2,opt,name=emptyDir"` 66 // GCEPersistentDisk represents a GCE Disk resource that is attached to a 67 // kubelet's host machine and then exposed to the pod. 68 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 69 // +optional 70 GCEPersistentDisk *GCEPersistentDiskVolumeSource `json:"gcePersistentDisk,omitempty" protobuf:"bytes,3,opt,name=gcePersistentDisk"` 71 // AWSElasticBlockStore represents an AWS Disk resource that is attached to a 72 // kubelet's host machine and then exposed to the pod. 73 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 74 // +optional 75 AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource `json:"awsElasticBlockStore,omitempty" protobuf:"bytes,4,opt,name=awsElasticBlockStore"` 76 // GitRepo represents a git repository at a particular revision. 77 // DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an 78 // EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir 79 // into the Pod's container. 80 // +optional 81 GitRepo *GitRepoVolumeSource `json:"gitRepo,omitempty" protobuf:"bytes,5,opt,name=gitRepo"` 82 // Secret represents a secret that should populate this volume. 83 // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret 84 // +optional 85 Secret *SecretVolumeSource `json:"secret,omitempty" protobuf:"bytes,6,opt,name=secret"` 86 // NFS represents an NFS mount on the host that shares a pod's lifetime 87 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 88 // +optional 89 NFS *NFSVolumeSource `json:"nfs,omitempty" protobuf:"bytes,7,opt,name=nfs"` 90 // ISCSI represents an ISCSI Disk resource that is attached to a 91 // kubelet's host machine and then exposed to the pod. 92 // More info: https://examples.k8s.io/volumes/iscsi/README.md 93 // +optional 94 ISCSI *ISCSIVolumeSource `json:"iscsi,omitempty" protobuf:"bytes,8,opt,name=iscsi"` 95 // Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. 96 // More info: https://examples.k8s.io/volumes/glusterfs/README.md 97 // +optional 98 Glusterfs *GlusterfsVolumeSource `json:"glusterfs,omitempty" protobuf:"bytes,9,opt,name=glusterfs"` 99 // PersistentVolumeClaimVolumeSource represents a reference to a 100 // PersistentVolumeClaim in the same namespace. 101 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 102 // +optional 103 PersistentVolumeClaim *PersistentVolumeClaimVolumeSource `json:"persistentVolumeClaim,omitempty" protobuf:"bytes,10,opt,name=persistentVolumeClaim"` 104 // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. 105 // More info: https://examples.k8s.io/volumes/rbd/README.md 106 // +optional 107 RBD *RBDVolumeSource `json:"rbd,omitempty" protobuf:"bytes,11,opt,name=rbd"` 108 // FlexVolume represents a generic volume resource that is 109 // provisioned/attached using an exec based plugin. 110 // +optional 111 FlexVolume *FlexVolumeSource `json:"flexVolume,omitempty" protobuf:"bytes,12,opt,name=flexVolume"` 112 // Cinder represents a cinder volume attached and mounted on kubelets host machine. 113 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 114 // +optional 115 Cinder *CinderVolumeSource `json:"cinder,omitempty" protobuf:"bytes,13,opt,name=cinder"` 116 // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime 117 // +optional 118 CephFS *CephFSVolumeSource `json:"cephfs,omitempty" protobuf:"bytes,14,opt,name=cephfs"` 119 // Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running 120 // +optional 121 Flocker *FlockerVolumeSource `json:"flocker,omitempty" protobuf:"bytes,15,opt,name=flocker"` 122 // DownwardAPI represents downward API about the pod that should populate this volume 123 // +optional 124 DownwardAPI *DownwardAPIVolumeSource `json:"downwardAPI,omitempty" protobuf:"bytes,16,opt,name=downwardAPI"` 125 // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. 126 // +optional 127 FC *FCVolumeSource `json:"fc,omitempty" protobuf:"bytes,17,opt,name=fc"` 128 // AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 129 // +optional 130 AzureFile *AzureFileVolumeSource `json:"azureFile,omitempty" protobuf:"bytes,18,opt,name=azureFile"` 131 // ConfigMap represents a configMap that should populate this volume 132 // +optional 133 ConfigMap *ConfigMapVolumeSource `json:"configMap,omitempty" protobuf:"bytes,19,opt,name=configMap"` 134 // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine 135 // +optional 136 VsphereVolume *VsphereVirtualDiskVolumeSource `json:"vsphereVolume,omitempty" protobuf:"bytes,20,opt,name=vsphereVolume"` 137 // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime 138 // +optional 139 Quobyte *QuobyteVolumeSource `json:"quobyte,omitempty" protobuf:"bytes,21,opt,name=quobyte"` 140 // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. 141 // +optional 142 AzureDisk *AzureDiskVolumeSource `json:"azureDisk,omitempty" protobuf:"bytes,22,opt,name=azureDisk"` 143 // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine 144 PhotonPersistentDisk *PhotonPersistentDiskVolumeSource `json:"photonPersistentDisk,omitempty" protobuf:"bytes,23,opt,name=photonPersistentDisk"` 145 // Items for all in one resources secrets, configmaps, and downward API 146 Projected *ProjectedVolumeSource `json:"projected,omitempty" protobuf:"bytes,26,opt,name=projected"` 147 // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine 148 // +optional 149 PortworxVolume *PortworxVolumeSource `json:"portworxVolume,omitempty" protobuf:"bytes,24,opt,name=portworxVolume"` 150 // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. 151 // +optional 152 ScaleIO *ScaleIOVolumeSource `json:"scaleIO,omitempty" protobuf:"bytes,25,opt,name=scaleIO"` 153 // StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. 154 // +optional 155 StorageOS *StorageOSVolumeSource `json:"storageos,omitempty" protobuf:"bytes,27,opt,name=storageos"` 156 // CSI (Container Storage Interface) represents storage that is handled by an external CSI driver (Alpha feature). 157 // +optional 158 CSI *CSIVolumeSource `json:"csi,omitempty" protobuf:"bytes,28,opt,name=csi"` 159} 160 161// PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. 162// This volume finds the bound PV and mounts that volume for the pod. A 163// PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another 164// type of volume that is owned by someone else (the system). 165type PersistentVolumeClaimVolumeSource struct { 166 // ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. 167 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 168 ClaimName string `json:"claimName" protobuf:"bytes,1,opt,name=claimName"` 169 // Will force the ReadOnly setting in VolumeMounts. 170 // Default false. 171 // +optional 172 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"` 173} 174 175// PersistentVolumeSource is similar to VolumeSource but meant for the 176// administrator who creates PVs. Exactly one of its members must be set. 177type PersistentVolumeSource struct { 178 // GCEPersistentDisk represents a GCE Disk resource that is attached to a 179 // kubelet's host machine and then exposed to the pod. Provisioned by an admin. 180 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 181 // +optional 182 GCEPersistentDisk *GCEPersistentDiskVolumeSource `json:"gcePersistentDisk,omitempty" protobuf:"bytes,1,opt,name=gcePersistentDisk"` 183 // AWSElasticBlockStore represents an AWS Disk resource that is attached to a 184 // kubelet's host machine and then exposed to the pod. 185 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 186 // +optional 187 AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource `json:"awsElasticBlockStore,omitempty" protobuf:"bytes,2,opt,name=awsElasticBlockStore"` 188 // HostPath represents a directory on the host. 189 // Provisioned by a developer or tester. 190 // This is useful for single-node development and testing only! 191 // On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. 192 // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 193 // +optional 194 HostPath *HostPathVolumeSource `json:"hostPath,omitempty" protobuf:"bytes,3,opt,name=hostPath"` 195 // Glusterfs represents a Glusterfs volume that is attached to a host and 196 // exposed to the pod. Provisioned by an admin. 197 // More info: https://examples.k8s.io/volumes/glusterfs/README.md 198 // +optional 199 Glusterfs *GlusterfsPersistentVolumeSource `json:"glusterfs,omitempty" protobuf:"bytes,4,opt,name=glusterfs"` 200 // NFS represents an NFS mount on the host. Provisioned by an admin. 201 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 202 // +optional 203 NFS *NFSVolumeSource `json:"nfs,omitempty" protobuf:"bytes,5,opt,name=nfs"` 204 // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. 205 // More info: https://examples.k8s.io/volumes/rbd/README.md 206 // +optional 207 RBD *RBDPersistentVolumeSource `json:"rbd,omitempty" protobuf:"bytes,6,opt,name=rbd"` 208 // ISCSI represents an ISCSI Disk resource that is attached to a 209 // kubelet's host machine and then exposed to the pod. Provisioned by an admin. 210 // +optional 211 ISCSI *ISCSIPersistentVolumeSource `json:"iscsi,omitempty" protobuf:"bytes,7,opt,name=iscsi"` 212 // Cinder represents a cinder volume attached and mounted on kubelets host machine. 213 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 214 // +optional 215 Cinder *CinderPersistentVolumeSource `json:"cinder,omitempty" protobuf:"bytes,8,opt,name=cinder"` 216 // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime 217 // +optional 218 CephFS *CephFSPersistentVolumeSource `json:"cephfs,omitempty" protobuf:"bytes,9,opt,name=cephfs"` 219 // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. 220 // +optional 221 FC *FCVolumeSource `json:"fc,omitempty" protobuf:"bytes,10,opt,name=fc"` 222 // Flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running 223 // +optional 224 Flocker *FlockerVolumeSource `json:"flocker,omitempty" protobuf:"bytes,11,opt,name=flocker"` 225 // FlexVolume represents a generic volume resource that is 226 // provisioned/attached using an exec based plugin. 227 // +optional 228 FlexVolume *FlexPersistentVolumeSource `json:"flexVolume,omitempty" protobuf:"bytes,12,opt,name=flexVolume"` 229 // AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 230 // +optional 231 AzureFile *AzureFilePersistentVolumeSource `json:"azureFile,omitempty" protobuf:"bytes,13,opt,name=azureFile"` 232 // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine 233 // +optional 234 VsphereVolume *VsphereVirtualDiskVolumeSource `json:"vsphereVolume,omitempty" protobuf:"bytes,14,opt,name=vsphereVolume"` 235 // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime 236 // +optional 237 Quobyte *QuobyteVolumeSource `json:"quobyte,omitempty" protobuf:"bytes,15,opt,name=quobyte"` 238 // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. 239 // +optional 240 AzureDisk *AzureDiskVolumeSource `json:"azureDisk,omitempty" protobuf:"bytes,16,opt,name=azureDisk"` 241 // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine 242 PhotonPersistentDisk *PhotonPersistentDiskVolumeSource `json:"photonPersistentDisk,omitempty" protobuf:"bytes,17,opt,name=photonPersistentDisk"` 243 // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine 244 // +optional 245 PortworxVolume *PortworxVolumeSource `json:"portworxVolume,omitempty" protobuf:"bytes,18,opt,name=portworxVolume"` 246 // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. 247 // +optional 248 ScaleIO *ScaleIOPersistentVolumeSource `json:"scaleIO,omitempty" protobuf:"bytes,19,opt,name=scaleIO"` 249 // Local represents directly-attached storage with node affinity 250 // +optional 251 Local *LocalVolumeSource `json:"local,omitempty" protobuf:"bytes,20,opt,name=local"` 252 // StorageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod 253 // More info: https://examples.k8s.io/volumes/storageos/README.md 254 // +optional 255 StorageOS *StorageOSPersistentVolumeSource `json:"storageos,omitempty" protobuf:"bytes,21,opt,name=storageos"` 256 // CSI represents storage that is handled by an external CSI driver (Beta feature). 257 // +optional 258 CSI *CSIPersistentVolumeSource `json:"csi,omitempty" protobuf:"bytes,22,opt,name=csi"` 259} 260 261const ( 262 // BetaStorageClassAnnotation represents the beta/previous StorageClass annotation. 263 // It's currently still used and will be held for backwards compatibility 264 BetaStorageClassAnnotation = "volume.beta.kubernetes.io/storage-class" 265 266 // MountOptionAnnotation defines mount option annotation used in PVs 267 MountOptionAnnotation = "volume.beta.kubernetes.io/mount-options" 268) 269 270// +genclient 271// +genclient:nonNamespaced 272// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 273 274// PersistentVolume (PV) is a storage resource provisioned by an administrator. 275// It is analogous to a node. 276// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes 277type PersistentVolume struct { 278 metav1.TypeMeta `json:",inline"` 279 // Standard object's metadata. 280 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 281 // +optional 282 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 283 284 // Spec defines a specification of a persistent volume owned by the cluster. 285 // Provisioned by an administrator. 286 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes 287 // +optional 288 Spec PersistentVolumeSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 289 290 // Status represents the current information/status for the persistent volume. 291 // Populated by the system. 292 // Read-only. 293 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes 294 // +optional 295 Status PersistentVolumeStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 296} 297 298// PersistentVolumeSpec is the specification of a persistent volume. 299type PersistentVolumeSpec struct { 300 // A description of the persistent volume's resources and capacity. 301 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity 302 // +optional 303 Capacity ResourceList `json:"capacity,omitempty" protobuf:"bytes,1,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"` 304 // The actual volume backing the persistent volume. 305 PersistentVolumeSource `json:",inline" protobuf:"bytes,2,opt,name=persistentVolumeSource"` 306 // AccessModes contains all ways the volume can be mounted. 307 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes 308 // +optional 309 AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,3,rep,name=accessModes,casttype=PersistentVolumeAccessMode"` 310 // ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. 311 // Expected to be non-nil when bound. 312 // claim.VolumeName is the authoritative bind between PV and PVC. 313 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding 314 // +optional 315 ClaimRef *ObjectReference `json:"claimRef,omitempty" protobuf:"bytes,4,opt,name=claimRef"` 316 // What happens to a persistent volume when released from its claim. 317 // Valid options are Retain (default for manually created PersistentVolumes), Delete (default 318 // for dynamically provisioned PersistentVolumes), and Recycle (deprecated). 319 // Recycle must be supported by the volume plugin underlying this PersistentVolume. 320 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming 321 // +optional 322 PersistentVolumeReclaimPolicy PersistentVolumeReclaimPolicy `json:"persistentVolumeReclaimPolicy,omitempty" protobuf:"bytes,5,opt,name=persistentVolumeReclaimPolicy,casttype=PersistentVolumeReclaimPolicy"` 323 // Name of StorageClass to which this persistent volume belongs. Empty value 324 // means that this volume does not belong to any StorageClass. 325 // +optional 326 StorageClassName string `json:"storageClassName,omitempty" protobuf:"bytes,6,opt,name=storageClassName"` 327 // A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will 328 // simply fail if one is invalid. 329 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options 330 // +optional 331 MountOptions []string `json:"mountOptions,omitempty" protobuf:"bytes,7,opt,name=mountOptions"` 332 // volumeMode defines if a volume is intended to be used with a formatted filesystem 333 // or to remain in raw block state. Value of Filesystem is implied when not included in spec. 334 // +optional 335 VolumeMode *PersistentVolumeMode `json:"volumeMode,omitempty" protobuf:"bytes,8,opt,name=volumeMode,casttype=PersistentVolumeMode"` 336 // NodeAffinity defines constraints that limit what nodes this volume can be accessed from. 337 // This field influences the scheduling of pods that use this volume. 338 // +optional 339 NodeAffinity *VolumeNodeAffinity `json:"nodeAffinity,omitempty" protobuf:"bytes,9,opt,name=nodeAffinity"` 340} 341 342// VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from. 343type VolumeNodeAffinity struct { 344 // Required specifies hard node constraints that must be met. 345 Required *NodeSelector `json:"required,omitempty" protobuf:"bytes,1,opt,name=required"` 346} 347 348// PersistentVolumeReclaimPolicy describes a policy for end-of-life maintenance of persistent volumes. 349type PersistentVolumeReclaimPolicy string 350 351const ( 352 // PersistentVolumeReclaimRecycle means the volume will be recycled back into the pool of unbound persistent volumes on release from its claim. 353 // The volume plugin must support Recycling. 354 PersistentVolumeReclaimRecycle PersistentVolumeReclaimPolicy = "Recycle" 355 // PersistentVolumeReclaimDelete means the volume will be deleted from Kubernetes on release from its claim. 356 // The volume plugin must support Deletion. 357 PersistentVolumeReclaimDelete PersistentVolumeReclaimPolicy = "Delete" 358 // PersistentVolumeReclaimRetain means the volume will be left in its current phase (Released) for manual reclamation by the administrator. 359 // The default policy is Retain. 360 PersistentVolumeReclaimRetain PersistentVolumeReclaimPolicy = "Retain" 361) 362 363// PersistentVolumeMode describes how a volume is intended to be consumed, either Block or Filesystem. 364type PersistentVolumeMode string 365 366const ( 367 // PersistentVolumeBlock means the volume will not be formatted with a filesystem and will remain a raw block device. 368 PersistentVolumeBlock PersistentVolumeMode = "Block" 369 // PersistentVolumeFilesystem means the volume will be or is formatted with a filesystem. 370 PersistentVolumeFilesystem PersistentVolumeMode = "Filesystem" 371) 372 373// PersistentVolumeStatus is the current status of a persistent volume. 374type PersistentVolumeStatus struct { 375 // Phase indicates if a volume is available, bound to a claim, or released by a claim. 376 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase 377 // +optional 378 Phase PersistentVolumePhase `json:"phase,omitempty" protobuf:"bytes,1,opt,name=phase,casttype=PersistentVolumePhase"` 379 // A human-readable message indicating details about why the volume is in this state. 380 // +optional 381 Message string `json:"message,omitempty" protobuf:"bytes,2,opt,name=message"` 382 // Reason is a brief CamelCase string that describes any failure and is meant 383 // for machine parsing and tidy display in the CLI. 384 // +optional 385 Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` 386} 387 388// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 389 390// PersistentVolumeList is a list of PersistentVolume items. 391type PersistentVolumeList struct { 392 metav1.TypeMeta `json:",inline"` 393 // Standard list metadata. 394 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 395 // +optional 396 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 397 // List of persistent volumes. 398 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes 399 Items []PersistentVolume `json:"items" protobuf:"bytes,2,rep,name=items"` 400} 401 402// +genclient 403// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 404 405// PersistentVolumeClaim is a user's request for and claim to a persistent volume 406type PersistentVolumeClaim struct { 407 metav1.TypeMeta `json:",inline"` 408 // Standard object's metadata. 409 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 410 // +optional 411 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 412 413 // Spec defines the desired characteristics of a volume requested by a pod author. 414 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 415 // +optional 416 Spec PersistentVolumeClaimSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 417 418 // Status represents the current information/status of a persistent volume claim. 419 // Read-only. 420 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 421 // +optional 422 Status PersistentVolumeClaimStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 423} 424 425// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 426 427// PersistentVolumeClaimList is a list of PersistentVolumeClaim items. 428type PersistentVolumeClaimList struct { 429 metav1.TypeMeta `json:",inline"` 430 // Standard list metadata. 431 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 432 // +optional 433 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 434 // A list of persistent volume claims. 435 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 436 Items []PersistentVolumeClaim `json:"items" protobuf:"bytes,2,rep,name=items"` 437} 438 439// PersistentVolumeClaimSpec describes the common attributes of storage devices 440// and allows a Source for provider-specific attributes 441type PersistentVolumeClaimSpec struct { 442 // AccessModes contains the desired access modes the volume should have. 443 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 444 // +optional 445 AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,1,rep,name=accessModes,casttype=PersistentVolumeAccessMode"` 446 // A label query over volumes to consider for binding. 447 // +optional 448 Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,4,opt,name=selector"` 449 // Resources represents the minimum resources the volume should have. 450 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources 451 // +optional 452 Resources ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,2,opt,name=resources"` 453 // VolumeName is the binding reference to the PersistentVolume backing this claim. 454 // +optional 455 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,3,opt,name=volumeName"` 456 // Name of the StorageClass required by the claim. 457 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 458 // +optional 459 StorageClassName *string `json:"storageClassName,omitempty" protobuf:"bytes,5,opt,name=storageClassName"` 460 // volumeMode defines what type of volume is required by the claim. 461 // Value of Filesystem is implied when not included in claim spec. 462 // +optional 463 VolumeMode *PersistentVolumeMode `json:"volumeMode,omitempty" protobuf:"bytes,6,opt,name=volumeMode,casttype=PersistentVolumeMode"` 464 // This field can be used to specify either: 465 // * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot - Beta) 466 // * An existing PVC (PersistentVolumeClaim) 467 // * An existing custom resource/object that implements data population (Alpha) 468 // In order to use VolumeSnapshot object types, the appropriate feature gate 469 // must be enabled (VolumeSnapshotDataSource or AnyVolumeDataSource) 470 // If the provisioner or an external controller can support the specified data source, 471 // it will create a new volume based on the contents of the specified data source. 472 // If the specified data source is not supported, the volume will 473 // not be created and the failure will be reported as an event. 474 // In the future, we plan to support more data source types and the behavior 475 // of the provisioner may change. 476 // +optional 477 DataSource *TypedLocalObjectReference `json:"dataSource,omitempty" protobuf:"bytes,7,opt,name=dataSource"` 478} 479 480// PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type 481type PersistentVolumeClaimConditionType string 482 483const ( 484 // PersistentVolumeClaimResizing - a user trigger resize of pvc has been started 485 PersistentVolumeClaimResizing PersistentVolumeClaimConditionType = "Resizing" 486 // PersistentVolumeClaimFileSystemResizePending - controller resize is finished and a file system resize is pending on node 487 PersistentVolumeClaimFileSystemResizePending PersistentVolumeClaimConditionType = "FileSystemResizePending" 488) 489 490// PersistentVolumeClaimCondition contails details about state of pvc 491type PersistentVolumeClaimCondition struct { 492 Type PersistentVolumeClaimConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=PersistentVolumeClaimConditionType"` 493 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 494 // Last time we probed the condition. 495 // +optional 496 LastProbeTime metav1.Time `json:"lastProbeTime,omitempty" protobuf:"bytes,3,opt,name=lastProbeTime"` 497 // Last time the condition transitioned from one status to another. 498 // +optional 499 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"` 500 // Unique, this should be a short, machine understandable string that gives the reason 501 // for condition's last transition. If it reports "ResizeStarted" that means the underlying 502 // persistent volume is being resized. 503 // +optional 504 Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"` 505 // Human-readable message indicating details about last transition. 506 // +optional 507 Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"` 508} 509 510// PersistentVolumeClaimStatus is the current status of a persistent volume claim. 511type PersistentVolumeClaimStatus struct { 512 // Phase represents the current phase of PersistentVolumeClaim. 513 // +optional 514 Phase PersistentVolumeClaimPhase `json:"phase,omitempty" protobuf:"bytes,1,opt,name=phase,casttype=PersistentVolumeClaimPhase"` 515 // AccessModes contains the actual access modes the volume backing the PVC has. 516 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 517 // +optional 518 AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,2,rep,name=accessModes,casttype=PersistentVolumeAccessMode"` 519 // Represents the actual resources of the underlying volume. 520 // +optional 521 Capacity ResourceList `json:"capacity,omitempty" protobuf:"bytes,3,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"` 522 // Current Condition of persistent volume claim. If underlying persistent volume is being 523 // resized then the Condition will be set to 'ResizeStarted'. 524 // +optional 525 // +patchMergeKey=type 526 // +patchStrategy=merge 527 Conditions []PersistentVolumeClaimCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,4,rep,name=conditions"` 528} 529 530type PersistentVolumeAccessMode string 531 532const ( 533 // can be mounted in read/write mode to exactly 1 host 534 ReadWriteOnce PersistentVolumeAccessMode = "ReadWriteOnce" 535 // can be mounted in read-only mode to many hosts 536 ReadOnlyMany PersistentVolumeAccessMode = "ReadOnlyMany" 537 // can be mounted in read/write mode to many hosts 538 ReadWriteMany PersistentVolumeAccessMode = "ReadWriteMany" 539) 540 541type PersistentVolumePhase string 542 543const ( 544 // used for PersistentVolumes that are not available 545 VolumePending PersistentVolumePhase = "Pending" 546 // used for PersistentVolumes that are not yet bound 547 // Available volumes are held by the binder and matched to PersistentVolumeClaims 548 VolumeAvailable PersistentVolumePhase = "Available" 549 // used for PersistentVolumes that are bound 550 VolumeBound PersistentVolumePhase = "Bound" 551 // used for PersistentVolumes where the bound PersistentVolumeClaim was deleted 552 // released volumes must be recycled before becoming available again 553 // this phase is used by the persistent volume claim binder to signal to another process to reclaim the resource 554 VolumeReleased PersistentVolumePhase = "Released" 555 // used for PersistentVolumes that failed to be correctly recycled or deleted after being released from a claim 556 VolumeFailed PersistentVolumePhase = "Failed" 557) 558 559type PersistentVolumeClaimPhase string 560 561const ( 562 // used for PersistentVolumeClaims that are not yet bound 563 ClaimPending PersistentVolumeClaimPhase = "Pending" 564 // used for PersistentVolumeClaims that are bound 565 ClaimBound PersistentVolumeClaimPhase = "Bound" 566 // used for PersistentVolumeClaims that lost their underlying 567 // PersistentVolume. The claim was bound to a PersistentVolume and this 568 // volume does not exist any longer and all data on it was lost. 569 ClaimLost PersistentVolumeClaimPhase = "Lost" 570) 571 572type HostPathType string 573 574const ( 575 // For backwards compatible, leave it empty if unset 576 HostPathUnset HostPathType = "" 577 // If nothing exists at the given path, an empty directory will be created there 578 // as needed with file mode 0755, having the same group and ownership with Kubelet. 579 HostPathDirectoryOrCreate HostPathType = "DirectoryOrCreate" 580 // A directory must exist at the given path 581 HostPathDirectory HostPathType = "Directory" 582 // If nothing exists at the given path, an empty file will be created there 583 // as needed with file mode 0644, having the same group and ownership with Kubelet. 584 HostPathFileOrCreate HostPathType = "FileOrCreate" 585 // A file must exist at the given path 586 HostPathFile HostPathType = "File" 587 // A UNIX socket must exist at the given path 588 HostPathSocket HostPathType = "Socket" 589 // A character device must exist at the given path 590 HostPathCharDev HostPathType = "CharDevice" 591 // A block device must exist at the given path 592 HostPathBlockDev HostPathType = "BlockDevice" 593) 594 595// Represents a host path mapped into a pod. 596// Host path volumes do not support ownership management or SELinux relabeling. 597type HostPathVolumeSource struct { 598 // Path of the directory on the host. 599 // If the path is a symlink, it will follow the link to the real path. 600 // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 601 Path string `json:"path" protobuf:"bytes,1,opt,name=path"` 602 // Type for HostPath Volume 603 // Defaults to "" 604 // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 605 // +optional 606 Type *HostPathType `json:"type,omitempty" protobuf:"bytes,2,opt,name=type"` 607} 608 609// Represents an empty directory for a pod. 610// Empty directory volumes support ownership management and SELinux relabeling. 611type EmptyDirVolumeSource struct { 612 // What type of storage medium should back this directory. 613 // The default is "" which means to use the node's default medium. 614 // Must be an empty string (default) or Memory. 615 // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir 616 // +optional 617 Medium StorageMedium `json:"medium,omitempty" protobuf:"bytes,1,opt,name=medium,casttype=StorageMedium"` 618 // Total amount of local storage required for this EmptyDir volume. 619 // The size limit is also applicable for memory medium. 620 // The maximum usage on memory medium EmptyDir would be the minimum value between 621 // the SizeLimit specified here and the sum of memory limits of all containers in a pod. 622 // The default is nil which means that the limit is undefined. 623 // More info: http://kubernetes.io/docs/user-guide/volumes#emptydir 624 // +optional 625 SizeLimit *resource.Quantity `json:"sizeLimit,omitempty" protobuf:"bytes,2,opt,name=sizeLimit"` 626} 627 628// Represents a Glusterfs mount that lasts the lifetime of a pod. 629// Glusterfs volumes do not support ownership management or SELinux relabeling. 630type GlusterfsVolumeSource struct { 631 // EndpointsName is the endpoint name that details Glusterfs topology. 632 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 633 EndpointsName string `json:"endpoints" protobuf:"bytes,1,opt,name=endpoints"` 634 635 // Path is the Glusterfs volume path. 636 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 637 Path string `json:"path" protobuf:"bytes,2,opt,name=path"` 638 639 // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. 640 // Defaults to false. 641 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 642 // +optional 643 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 644} 645 646// Represents a Glusterfs mount that lasts the lifetime of a pod. 647// Glusterfs volumes do not support ownership management or SELinux relabeling. 648type GlusterfsPersistentVolumeSource struct { 649 // EndpointsName is the endpoint name that details Glusterfs topology. 650 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 651 EndpointsName string `json:"endpoints" protobuf:"bytes,1,opt,name=endpoints"` 652 653 // Path is the Glusterfs volume path. 654 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 655 Path string `json:"path" protobuf:"bytes,2,opt,name=path"` 656 657 // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. 658 // Defaults to false. 659 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 660 // +optional 661 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 662 663 // EndpointsNamespace is the namespace that contains Glusterfs endpoint. 664 // If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. 665 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 666 // +optional 667 EndpointsNamespace *string `json:"endpointsNamespace,omitempty" protobuf:"bytes,4,opt,name=endpointsNamespace"` 668} 669 670// Represents a Rados Block Device mount that lasts the lifetime of a pod. 671// RBD volumes support ownership management and SELinux relabeling. 672type RBDVolumeSource struct { 673 // A collection of Ceph monitors. 674 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 675 CephMonitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"` 676 // The rados image name. 677 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 678 RBDImage string `json:"image" protobuf:"bytes,2,opt,name=image"` 679 // Filesystem type of the volume that you want to mount. 680 // Tip: Ensure that the filesystem type is supported by the host operating system. 681 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 682 // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 683 // TODO: how do we prevent errors in the filesystem from compromising the machine 684 // +optional 685 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 686 // The rados pool name. 687 // Default is rbd. 688 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 689 // +optional 690 RBDPool string `json:"pool,omitempty" protobuf:"bytes,4,opt,name=pool"` 691 // The rados user name. 692 // Default is admin. 693 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 694 // +optional 695 RadosUser string `json:"user,omitempty" protobuf:"bytes,5,opt,name=user"` 696 // Keyring is the path to key ring for RBDUser. 697 // Default is /etc/ceph/keyring. 698 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 699 // +optional 700 Keyring string `json:"keyring,omitempty" protobuf:"bytes,6,opt,name=keyring"` 701 // SecretRef is name of the authentication secret for RBDUser. If provided 702 // overrides keyring. 703 // Default is nil. 704 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 705 // +optional 706 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,7,opt,name=secretRef"` 707 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 708 // Defaults to false. 709 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 710 // +optional 711 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,8,opt,name=readOnly"` 712} 713 714// Represents a Rados Block Device mount that lasts the lifetime of a pod. 715// RBD volumes support ownership management and SELinux relabeling. 716type RBDPersistentVolumeSource struct { 717 // A collection of Ceph monitors. 718 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 719 CephMonitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"` 720 // The rados image name. 721 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 722 RBDImage string `json:"image" protobuf:"bytes,2,opt,name=image"` 723 // Filesystem type of the volume that you want to mount. 724 // Tip: Ensure that the filesystem type is supported by the host operating system. 725 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 726 // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 727 // TODO: how do we prevent errors in the filesystem from compromising the machine 728 // +optional 729 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 730 // The rados pool name. 731 // Default is rbd. 732 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 733 // +optional 734 RBDPool string `json:"pool,omitempty" protobuf:"bytes,4,opt,name=pool"` 735 // The rados user name. 736 // Default is admin. 737 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 738 // +optional 739 RadosUser string `json:"user,omitempty" protobuf:"bytes,5,opt,name=user"` 740 // Keyring is the path to key ring for RBDUser. 741 // Default is /etc/ceph/keyring. 742 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 743 // +optional 744 Keyring string `json:"keyring,omitempty" protobuf:"bytes,6,opt,name=keyring"` 745 // SecretRef is name of the authentication secret for RBDUser. If provided 746 // overrides keyring. 747 // Default is nil. 748 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 749 // +optional 750 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,7,opt,name=secretRef"` 751 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 752 // Defaults to false. 753 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 754 // +optional 755 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,8,opt,name=readOnly"` 756} 757 758// Represents a cinder volume resource in Openstack. 759// A Cinder volume must exist before mounting to a container. 760// The volume must also be in the same region as the kubelet. 761// Cinder volumes support ownership management and SELinux relabeling. 762type CinderVolumeSource struct { 763 // volume id used to identify the volume in cinder. 764 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 765 VolumeID string `json:"volumeID" protobuf:"bytes,1,opt,name=volumeID"` 766 // Filesystem type to mount. 767 // Must be a filesystem type supported by the host operating system. 768 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 769 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 770 // +optional 771 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 772 // Optional: Defaults to false (read/write). ReadOnly here will force 773 // the ReadOnly setting in VolumeMounts. 774 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 775 // +optional 776 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 777 // Optional: points to a secret object containing parameters used to connect 778 // to OpenStack. 779 // +optional 780 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,4,opt,name=secretRef"` 781} 782 783// Represents a cinder volume resource in Openstack. 784// A Cinder volume must exist before mounting to a container. 785// The volume must also be in the same region as the kubelet. 786// Cinder volumes support ownership management and SELinux relabeling. 787type CinderPersistentVolumeSource struct { 788 // volume id used to identify the volume in cinder. 789 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 790 VolumeID string `json:"volumeID" protobuf:"bytes,1,opt,name=volumeID"` 791 // Filesystem type to mount. 792 // Must be a filesystem type supported by the host operating system. 793 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 794 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 795 // +optional 796 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 797 // Optional: Defaults to false (read/write). ReadOnly here will force 798 // the ReadOnly setting in VolumeMounts. 799 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 800 // +optional 801 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 802 // Optional: points to a secret object containing parameters used to connect 803 // to OpenStack. 804 // +optional 805 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,4,opt,name=secretRef"` 806} 807 808// Represents a Ceph Filesystem mount that lasts the lifetime of a pod 809// Cephfs volumes do not support ownership management or SELinux relabeling. 810type CephFSVolumeSource struct { 811 // Required: Monitors is a collection of Ceph monitors 812 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 813 Monitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"` 814 // Optional: Used as the mounted root, rather than the full Ceph tree, default is / 815 // +optional 816 Path string `json:"path,omitempty" protobuf:"bytes,2,opt,name=path"` 817 // Optional: User is the rados user name, default is admin 818 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 819 // +optional 820 User string `json:"user,omitempty" protobuf:"bytes,3,opt,name=user"` 821 // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret 822 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 823 // +optional 824 SecretFile string `json:"secretFile,omitempty" protobuf:"bytes,4,opt,name=secretFile"` 825 // Optional: SecretRef is reference to the authentication secret for User, default is empty. 826 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 827 // +optional 828 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,5,opt,name=secretRef"` 829 // Optional: Defaults to false (read/write). ReadOnly here will force 830 // the ReadOnly setting in VolumeMounts. 831 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 832 // +optional 833 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,6,opt,name=readOnly"` 834} 835 836// SecretReference represents a Secret Reference. It has enough information to retrieve secret 837// in any namespace 838type SecretReference struct { 839 // Name is unique within a namespace to reference a secret resource. 840 // +optional 841 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 842 // Namespace defines the space within which the secret name must be unique. 843 // +optional 844 Namespace string `json:"namespace,omitempty" protobuf:"bytes,2,opt,name=namespace"` 845} 846 847// Represents a Ceph Filesystem mount that lasts the lifetime of a pod 848// Cephfs volumes do not support ownership management or SELinux relabeling. 849type CephFSPersistentVolumeSource struct { 850 // Required: Monitors is a collection of Ceph monitors 851 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 852 Monitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"` 853 // Optional: Used as the mounted root, rather than the full Ceph tree, default is / 854 // +optional 855 Path string `json:"path,omitempty" protobuf:"bytes,2,opt,name=path"` 856 // Optional: User is the rados user name, default is admin 857 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 858 // +optional 859 User string `json:"user,omitempty" protobuf:"bytes,3,opt,name=user"` 860 // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret 861 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 862 // +optional 863 SecretFile string `json:"secretFile,omitempty" protobuf:"bytes,4,opt,name=secretFile"` 864 // Optional: SecretRef is reference to the authentication secret for User, default is empty. 865 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 866 // +optional 867 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,5,opt,name=secretRef"` 868 // Optional: Defaults to false (read/write). ReadOnly here will force 869 // the ReadOnly setting in VolumeMounts. 870 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 871 // +optional 872 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,6,opt,name=readOnly"` 873} 874 875// Represents a Flocker volume mounted by the Flocker agent. 876// One and only one of datasetName and datasetUUID should be set. 877// Flocker volumes do not support ownership management or SELinux relabeling. 878type FlockerVolumeSource struct { 879 // Name of the dataset stored as metadata -> name on the dataset for Flocker 880 // should be considered as deprecated 881 // +optional 882 DatasetName string `json:"datasetName,omitempty" protobuf:"bytes,1,opt,name=datasetName"` 883 // UUID of the dataset. This is unique identifier of a Flocker dataset 884 // +optional 885 DatasetUUID string `json:"datasetUUID,omitempty" protobuf:"bytes,2,opt,name=datasetUUID"` 886} 887 888// StorageMedium defines ways that storage can be allocated to a volume. 889type StorageMedium string 890 891const ( 892 StorageMediumDefault StorageMedium = "" // use whatever the default is for the node, assume anything we don't explicitly handle is this 893 StorageMediumMemory StorageMedium = "Memory" // use memory (e.g. tmpfs on linux) 894 StorageMediumHugePages StorageMedium = "HugePages" // use hugepages 895 StorageMediumHugePagesPrefix StorageMedium = "HugePages-" // prefix for full medium notation HugePages-<size> 896) 897 898// Protocol defines network protocols supported for things like container ports. 899type Protocol string 900 901const ( 902 // ProtocolTCP is the TCP protocol. 903 ProtocolTCP Protocol = "TCP" 904 // ProtocolUDP is the UDP protocol. 905 ProtocolUDP Protocol = "UDP" 906 // ProtocolSCTP is the SCTP protocol. 907 ProtocolSCTP Protocol = "SCTP" 908) 909 910// Represents a Persistent Disk resource in Google Compute Engine. 911// 912// A GCE PD must exist before mounting to a container. The disk must 913// also be in the same GCE project and zone as the kubelet. A GCE PD 914// can only be mounted as read/write once or read-only many times. GCE 915// PDs support ownership management and SELinux relabeling. 916type GCEPersistentDiskVolumeSource struct { 917 // Unique name of the PD resource in GCE. Used to identify the disk in GCE. 918 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 919 PDName string `json:"pdName" protobuf:"bytes,1,opt,name=pdName"` 920 // Filesystem type of the volume that you want to mount. 921 // Tip: Ensure that the filesystem type is supported by the host operating system. 922 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 923 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 924 // TODO: how do we prevent errors in the filesystem from compromising the machine 925 // +optional 926 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 927 // The partition in the volume that you want to mount. 928 // If omitted, the default is to mount by volume name. 929 // Examples: For volume /dev/sda1, you specify the partition as "1". 930 // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). 931 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 932 // +optional 933 Partition int32 `json:"partition,omitempty" protobuf:"varint,3,opt,name=partition"` 934 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 935 // Defaults to false. 936 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 937 // +optional 938 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 939} 940 941// Represents a Quobyte mount that lasts the lifetime of a pod. 942// Quobyte volumes do not support ownership management or SELinux relabeling. 943type QuobyteVolumeSource struct { 944 // Registry represents a single or multiple Quobyte Registry services 945 // specified as a string as host:port pair (multiple entries are separated with commas) 946 // which acts as the central registry for volumes 947 Registry string `json:"registry" protobuf:"bytes,1,opt,name=registry"` 948 949 // Volume is a string that references an already created Quobyte volume by name. 950 Volume string `json:"volume" protobuf:"bytes,2,opt,name=volume"` 951 952 // ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. 953 // Defaults to false. 954 // +optional 955 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 956 957 // User to map volume access to 958 // Defaults to serivceaccount user 959 // +optional 960 User string `json:"user,omitempty" protobuf:"bytes,4,opt,name=user"` 961 962 // Group to map volume access to 963 // Default is no group 964 // +optional 965 Group string `json:"group,omitempty" protobuf:"bytes,5,opt,name=group"` 966 967 // Tenant owning the given Quobyte volume in the Backend 968 // Used with dynamically provisioned Quobyte volumes, value is set by the plugin 969 // +optional 970 Tenant string `json:"tenant,omitempty" protobuf:"bytes,6,opt,name=tenant"` 971} 972 973// FlexPersistentVolumeSource represents a generic persistent volume resource that is 974// provisioned/attached using an exec based plugin. 975type FlexPersistentVolumeSource struct { 976 // Driver is the name of the driver to use for this volume. 977 Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"` 978 // Filesystem type to mount. 979 // Must be a filesystem type supported by the host operating system. 980 // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. 981 // +optional 982 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 983 // Optional: SecretRef is reference to the secret object containing 984 // sensitive information to pass to the plugin scripts. This may be 985 // empty if no secret object is specified. If the secret object 986 // contains more than one secret, all secrets are passed to the plugin 987 // scripts. 988 // +optional 989 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,3,opt,name=secretRef"` 990 // Optional: Defaults to false (read/write). ReadOnly here will force 991 // the ReadOnly setting in VolumeMounts. 992 // +optional 993 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 994 // Optional: Extra command options if any. 995 // +optional 996 Options map[string]string `json:"options,omitempty" protobuf:"bytes,5,rep,name=options"` 997} 998 999// FlexVolume represents a generic volume resource that is 1000// provisioned/attached using an exec based plugin. 1001type FlexVolumeSource struct { 1002 // Driver is the name of the driver to use for this volume. 1003 Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"` 1004 // Filesystem type to mount. 1005 // Must be a filesystem type supported by the host operating system. 1006 // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. 1007 // +optional 1008 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1009 // Optional: SecretRef is reference to the secret object containing 1010 // sensitive information to pass to the plugin scripts. This may be 1011 // empty if no secret object is specified. If the secret object 1012 // contains more than one secret, all secrets are passed to the plugin 1013 // scripts. 1014 // +optional 1015 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,3,opt,name=secretRef"` 1016 // Optional: Defaults to false (read/write). ReadOnly here will force 1017 // the ReadOnly setting in VolumeMounts. 1018 // +optional 1019 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1020 // Optional: Extra command options if any. 1021 // +optional 1022 Options map[string]string `json:"options,omitempty" protobuf:"bytes,5,rep,name=options"` 1023} 1024 1025// Represents a Persistent Disk resource in AWS. 1026// 1027// An AWS EBS disk must exist before mounting to a container. The disk 1028// must also be in the same AWS zone as the kubelet. An AWS EBS disk 1029// can only be mounted as read/write once. AWS EBS volumes support 1030// ownership management and SELinux relabeling. 1031type AWSElasticBlockStoreVolumeSource struct { 1032 // Unique ID of the persistent disk resource in AWS (Amazon EBS volume). 1033 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 1034 VolumeID string `json:"volumeID" protobuf:"bytes,1,opt,name=volumeID"` 1035 // Filesystem type of the volume that you want to mount. 1036 // Tip: Ensure that the filesystem type is supported by the host operating system. 1037 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1038 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 1039 // TODO: how do we prevent errors in the filesystem from compromising the machine 1040 // +optional 1041 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1042 // The partition in the volume that you want to mount. 1043 // If omitted, the default is to mount by volume name. 1044 // Examples: For volume /dev/sda1, you specify the partition as "1". 1045 // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). 1046 // +optional 1047 Partition int32 `json:"partition,omitempty" protobuf:"varint,3,opt,name=partition"` 1048 // Specify "true" to force and set the ReadOnly property in VolumeMounts to "true". 1049 // If omitted, the default is "false". 1050 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 1051 // +optional 1052 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1053} 1054 1055// Represents a volume that is populated with the contents of a git repository. 1056// Git repo volumes do not support ownership management. 1057// Git repo volumes support SELinux relabeling. 1058// 1059// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an 1060// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir 1061// into the Pod's container. 1062type GitRepoVolumeSource struct { 1063 // Repository URL 1064 Repository string `json:"repository" protobuf:"bytes,1,opt,name=repository"` 1065 // Commit hash for the specified revision. 1066 // +optional 1067 Revision string `json:"revision,omitempty" protobuf:"bytes,2,opt,name=revision"` 1068 // Target directory name. 1069 // Must not contain or start with '..'. If '.' is supplied, the volume directory will be the 1070 // git repository. Otherwise, if specified, the volume will contain the git repository in 1071 // the subdirectory with the given name. 1072 // +optional 1073 Directory string `json:"directory,omitempty" protobuf:"bytes,3,opt,name=directory"` 1074} 1075 1076// Adapts a Secret into a volume. 1077// 1078// The contents of the target Secret's Data field will be presented in a volume 1079// as files using the keys in the Data field as the file names. 1080// Secret volumes support ownership management and SELinux relabeling. 1081type SecretVolumeSource struct { 1082 // Name of the secret in the pod's namespace to use. 1083 // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret 1084 // +optional 1085 SecretName string `json:"secretName,omitempty" protobuf:"bytes,1,opt,name=secretName"` 1086 // If unspecified, each key-value pair in the Data field of the referenced 1087 // Secret will be projected into the volume as a file whose name is the 1088 // key and content is the value. If specified, the listed keys will be 1089 // projected into the specified paths, and unlisted keys will not be 1090 // present. If a key is specified which is not present in the Secret, 1091 // the volume setup will error unless it is marked optional. Paths must be 1092 // relative and may not contain the '..' path or start with '..'. 1093 // +optional 1094 Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` 1095 // Optional: mode bits to use on created files by default. Must be a 1096 // value between 0 and 0777. Defaults to 0644. 1097 // Directories within the path are not affected by this setting. 1098 // This might be in conflict with other options that affect the file 1099 // mode, like fsGroup, and the result can be other mode bits set. 1100 // +optional 1101 DefaultMode *int32 `json:"defaultMode,omitempty" protobuf:"bytes,3,opt,name=defaultMode"` 1102 // Specify whether the Secret or its keys must be defined 1103 // +optional 1104 Optional *bool `json:"optional,omitempty" protobuf:"varint,4,opt,name=optional"` 1105} 1106 1107const ( 1108 SecretVolumeSourceDefaultMode int32 = 0644 1109) 1110 1111// Adapts a secret into a projected volume. 1112// 1113// The contents of the target Secret's Data field will be presented in a 1114// projected volume as files using the keys in the Data field as the file names. 1115// Note that this is identical to a secret volume source without the default 1116// mode. 1117type SecretProjection struct { 1118 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1119 // If unspecified, each key-value pair in the Data field of the referenced 1120 // Secret will be projected into the volume as a file whose name is the 1121 // key and content is the value. If specified, the listed keys will be 1122 // projected into the specified paths, and unlisted keys will not be 1123 // present. If a key is specified which is not present in the Secret, 1124 // the volume setup will error unless it is marked optional. Paths must be 1125 // relative and may not contain the '..' path or start with '..'. 1126 // +optional 1127 Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` 1128 // Specify whether the Secret or its key must be defined 1129 // +optional 1130 Optional *bool `json:"optional,omitempty" protobuf:"varint,4,opt,name=optional"` 1131} 1132 1133// Represents an NFS mount that lasts the lifetime of a pod. 1134// NFS volumes do not support ownership management or SELinux relabeling. 1135type NFSVolumeSource struct { 1136 // Server is the hostname or IP address of the NFS server. 1137 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 1138 Server string `json:"server" protobuf:"bytes,1,opt,name=server"` 1139 1140 // Path that is exported by the NFS server. 1141 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 1142 Path string `json:"path" protobuf:"bytes,2,opt,name=path"` 1143 1144 // ReadOnly here will force 1145 // the NFS export to be mounted with read-only permissions. 1146 // Defaults to false. 1147 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 1148 // +optional 1149 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1150} 1151 1152// Represents an ISCSI disk. 1153// ISCSI volumes can only be mounted as read/write once. 1154// ISCSI volumes support ownership management and SELinux relabeling. 1155type ISCSIVolumeSource struct { 1156 // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port 1157 // is other than default (typically TCP ports 860 and 3260). 1158 TargetPortal string `json:"targetPortal" protobuf:"bytes,1,opt,name=targetPortal"` 1159 // Target iSCSI Qualified Name. 1160 IQN string `json:"iqn" protobuf:"bytes,2,opt,name=iqn"` 1161 // iSCSI Target Lun number. 1162 Lun int32 `json:"lun" protobuf:"varint,3,opt,name=lun"` 1163 // iSCSI Interface Name that uses an iSCSI transport. 1164 // Defaults to 'default' (tcp). 1165 // +optional 1166 ISCSIInterface string `json:"iscsiInterface,omitempty" protobuf:"bytes,4,opt,name=iscsiInterface"` 1167 // Filesystem type of the volume that you want to mount. 1168 // Tip: Ensure that the filesystem type is supported by the host operating system. 1169 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1170 // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 1171 // TODO: how do we prevent errors in the filesystem from compromising the machine 1172 // +optional 1173 FSType string `json:"fsType,omitempty" protobuf:"bytes,5,opt,name=fsType"` 1174 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 1175 // Defaults to false. 1176 // +optional 1177 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,6,opt,name=readOnly"` 1178 // iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port 1179 // is other than default (typically TCP ports 860 and 3260). 1180 // +optional 1181 Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"` 1182 // whether support iSCSI Discovery CHAP authentication 1183 // +optional 1184 DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty" protobuf:"varint,8,opt,name=chapAuthDiscovery"` 1185 // whether support iSCSI Session CHAP authentication 1186 // +optional 1187 SessionCHAPAuth bool `json:"chapAuthSession,omitempty" protobuf:"varint,11,opt,name=chapAuthSession"` 1188 // CHAP Secret for iSCSI target and initiator authentication 1189 // +optional 1190 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,10,opt,name=secretRef"` 1191 // Custom iSCSI Initiator Name. 1192 // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface 1193 // <target portal>:<volume name> will be created for the connection. 1194 // +optional 1195 InitiatorName *string `json:"initiatorName,omitempty" protobuf:"bytes,12,opt,name=initiatorName"` 1196} 1197 1198// ISCSIPersistentVolumeSource represents an ISCSI disk. 1199// ISCSI volumes can only be mounted as read/write once. 1200// ISCSI volumes support ownership management and SELinux relabeling. 1201type ISCSIPersistentVolumeSource struct { 1202 // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port 1203 // is other than default (typically TCP ports 860 and 3260). 1204 TargetPortal string `json:"targetPortal" protobuf:"bytes,1,opt,name=targetPortal"` 1205 // Target iSCSI Qualified Name. 1206 IQN string `json:"iqn" protobuf:"bytes,2,opt,name=iqn"` 1207 // iSCSI Target Lun number. 1208 Lun int32 `json:"lun" protobuf:"varint,3,opt,name=lun"` 1209 // iSCSI Interface Name that uses an iSCSI transport. 1210 // Defaults to 'default' (tcp). 1211 // +optional 1212 ISCSIInterface string `json:"iscsiInterface,omitempty" protobuf:"bytes,4,opt,name=iscsiInterface"` 1213 // Filesystem type of the volume that you want to mount. 1214 // Tip: Ensure that the filesystem type is supported by the host operating system. 1215 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1216 // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 1217 // TODO: how do we prevent errors in the filesystem from compromising the machine 1218 // +optional 1219 FSType string `json:"fsType,omitempty" protobuf:"bytes,5,opt,name=fsType"` 1220 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 1221 // Defaults to false. 1222 // +optional 1223 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,6,opt,name=readOnly"` 1224 // iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port 1225 // is other than default (typically TCP ports 860 and 3260). 1226 // +optional 1227 Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"` 1228 // whether support iSCSI Discovery CHAP authentication 1229 // +optional 1230 DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty" protobuf:"varint,8,opt,name=chapAuthDiscovery"` 1231 // whether support iSCSI Session CHAP authentication 1232 // +optional 1233 SessionCHAPAuth bool `json:"chapAuthSession,omitempty" protobuf:"varint,11,opt,name=chapAuthSession"` 1234 // CHAP Secret for iSCSI target and initiator authentication 1235 // +optional 1236 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,10,opt,name=secretRef"` 1237 // Custom iSCSI Initiator Name. 1238 // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface 1239 // <target portal>:<volume name> will be created for the connection. 1240 // +optional 1241 InitiatorName *string `json:"initiatorName,omitempty" protobuf:"bytes,12,opt,name=initiatorName"` 1242} 1243 1244// Represents a Fibre Channel volume. 1245// Fibre Channel volumes can only be mounted as read/write once. 1246// Fibre Channel volumes support ownership management and SELinux relabeling. 1247type FCVolumeSource struct { 1248 // Optional: FC target worldwide names (WWNs) 1249 // +optional 1250 TargetWWNs []string `json:"targetWWNs,omitempty" protobuf:"bytes,1,rep,name=targetWWNs"` 1251 // Optional: FC target lun number 1252 // +optional 1253 Lun *int32 `json:"lun,omitempty" protobuf:"varint,2,opt,name=lun"` 1254 // Filesystem type to mount. 1255 // Must be a filesystem type supported by the host operating system. 1256 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1257 // TODO: how do we prevent errors in the filesystem from compromising the machine 1258 // +optional 1259 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 1260 // Optional: Defaults to false (read/write). ReadOnly here will force 1261 // the ReadOnly setting in VolumeMounts. 1262 // +optional 1263 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1264 // Optional: FC volume world wide identifiers (wwids) 1265 // Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. 1266 // +optional 1267 WWIDs []string `json:"wwids,omitempty" protobuf:"bytes,5,rep,name=wwids"` 1268} 1269 1270// AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 1271type AzureFileVolumeSource struct { 1272 // the name of secret that contains Azure Storage Account Name and Key 1273 SecretName string `json:"secretName" protobuf:"bytes,1,opt,name=secretName"` 1274 // Share Name 1275 ShareName string `json:"shareName" protobuf:"bytes,2,opt,name=shareName"` 1276 // Defaults to false (read/write). ReadOnly here will force 1277 // the ReadOnly setting in VolumeMounts. 1278 // +optional 1279 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1280} 1281 1282// AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 1283type AzureFilePersistentVolumeSource struct { 1284 // the name of secret that contains Azure Storage Account Name and Key 1285 SecretName string `json:"secretName" protobuf:"bytes,1,opt,name=secretName"` 1286 // Share Name 1287 ShareName string `json:"shareName" protobuf:"bytes,2,opt,name=shareName"` 1288 // Defaults to false (read/write). ReadOnly here will force 1289 // the ReadOnly setting in VolumeMounts. 1290 // +optional 1291 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1292 // the namespace of the secret that contains Azure Storage Account Name and Key 1293 // default is the same as the Pod 1294 // +optional 1295 SecretNamespace *string `json:"secretNamespace" protobuf:"bytes,4,opt,name=secretNamespace"` 1296} 1297 1298// Represents a vSphere volume resource. 1299type VsphereVirtualDiskVolumeSource struct { 1300 // Path that identifies vSphere volume vmdk 1301 VolumePath string `json:"volumePath" protobuf:"bytes,1,opt,name=volumePath"` 1302 // Filesystem type to mount. 1303 // Must be a filesystem type supported by the host operating system. 1304 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1305 // +optional 1306 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1307 // Storage Policy Based Management (SPBM) profile name. 1308 // +optional 1309 StoragePolicyName string `json:"storagePolicyName,omitempty" protobuf:"bytes,3,opt,name=storagePolicyName"` 1310 // Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. 1311 // +optional 1312 StoragePolicyID string `json:"storagePolicyID,omitempty" protobuf:"bytes,4,opt,name=storagePolicyID"` 1313} 1314 1315// Represents a Photon Controller persistent disk resource. 1316type PhotonPersistentDiskVolumeSource struct { 1317 // ID that identifies Photon Controller persistent disk 1318 PdID string `json:"pdID" protobuf:"bytes,1,opt,name=pdID"` 1319 // Filesystem type to mount. 1320 // Must be a filesystem type supported by the host operating system. 1321 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1322 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1323} 1324 1325type AzureDataDiskCachingMode string 1326type AzureDataDiskKind string 1327 1328const ( 1329 AzureDataDiskCachingNone AzureDataDiskCachingMode = "None" 1330 AzureDataDiskCachingReadOnly AzureDataDiskCachingMode = "ReadOnly" 1331 AzureDataDiskCachingReadWrite AzureDataDiskCachingMode = "ReadWrite" 1332 1333 AzureSharedBlobDisk AzureDataDiskKind = "Shared" 1334 AzureDedicatedBlobDisk AzureDataDiskKind = "Dedicated" 1335 AzureManagedDisk AzureDataDiskKind = "Managed" 1336) 1337 1338// AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. 1339type AzureDiskVolumeSource struct { 1340 // The Name of the data disk in the blob storage 1341 DiskName string `json:"diskName" protobuf:"bytes,1,opt,name=diskName"` 1342 // The URI the data disk in the blob storage 1343 DataDiskURI string `json:"diskURI" protobuf:"bytes,2,opt,name=diskURI"` 1344 // Host Caching mode: None, Read Only, Read Write. 1345 // +optional 1346 CachingMode *AzureDataDiskCachingMode `json:"cachingMode,omitempty" protobuf:"bytes,3,opt,name=cachingMode,casttype=AzureDataDiskCachingMode"` 1347 // Filesystem type to mount. 1348 // Must be a filesystem type supported by the host operating system. 1349 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1350 // +optional 1351 FSType *string `json:"fsType,omitempty" protobuf:"bytes,4,opt,name=fsType"` 1352 // Defaults to false (read/write). ReadOnly here will force 1353 // the ReadOnly setting in VolumeMounts. 1354 // +optional 1355 ReadOnly *bool `json:"readOnly,omitempty" protobuf:"varint,5,opt,name=readOnly"` 1356 // Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared 1357 Kind *AzureDataDiskKind `json:"kind,omitempty" protobuf:"bytes,6,opt,name=kind,casttype=AzureDataDiskKind"` 1358} 1359 1360// PortworxVolumeSource represents a Portworx volume resource. 1361type PortworxVolumeSource struct { 1362 // VolumeID uniquely identifies a Portworx volume 1363 VolumeID string `json:"volumeID" protobuf:"bytes,1,opt,name=volumeID"` 1364 // FSType represents the filesystem type to mount 1365 // Must be a filesystem type supported by the host operating system. 1366 // Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. 1367 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1368 // Defaults to false (read/write). ReadOnly here will force 1369 // the ReadOnly setting in VolumeMounts. 1370 // +optional 1371 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1372} 1373 1374// ScaleIOVolumeSource represents a persistent ScaleIO volume 1375type ScaleIOVolumeSource struct { 1376 // The host address of the ScaleIO API Gateway. 1377 Gateway string `json:"gateway" protobuf:"bytes,1,opt,name=gateway"` 1378 // The name of the storage system as configured in ScaleIO. 1379 System string `json:"system" protobuf:"bytes,2,opt,name=system"` 1380 // SecretRef references to the secret for ScaleIO user and other 1381 // sensitive information. If this is not provided, Login operation will fail. 1382 SecretRef *LocalObjectReference `json:"secretRef" protobuf:"bytes,3,opt,name=secretRef"` 1383 // Flag to enable/disable SSL communication with Gateway, default false 1384 // +optional 1385 SSLEnabled bool `json:"sslEnabled,omitempty" protobuf:"varint,4,opt,name=sslEnabled"` 1386 // The name of the ScaleIO Protection Domain for the configured storage. 1387 // +optional 1388 ProtectionDomain string `json:"protectionDomain,omitempty" protobuf:"bytes,5,opt,name=protectionDomain"` 1389 // The ScaleIO Storage Pool associated with the protection domain. 1390 // +optional 1391 StoragePool string `json:"storagePool,omitempty" protobuf:"bytes,6,opt,name=storagePool"` 1392 // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. 1393 // Default is ThinProvisioned. 1394 // +optional 1395 StorageMode string `json:"storageMode,omitempty" protobuf:"bytes,7,opt,name=storageMode"` 1396 // The name of a volume already created in the ScaleIO system 1397 // that is associated with this volume source. 1398 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,8,opt,name=volumeName"` 1399 // Filesystem type to mount. 1400 // Must be a filesystem type supported by the host operating system. 1401 // Ex. "ext4", "xfs", "ntfs". 1402 // Default is "xfs". 1403 // +optional 1404 FSType string `json:"fsType,omitempty" protobuf:"bytes,9,opt,name=fsType"` 1405 // Defaults to false (read/write). ReadOnly here will force 1406 // the ReadOnly setting in VolumeMounts. 1407 // +optional 1408 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,10,opt,name=readOnly"` 1409} 1410 1411// ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume 1412type ScaleIOPersistentVolumeSource struct { 1413 // The host address of the ScaleIO API Gateway. 1414 Gateway string `json:"gateway" protobuf:"bytes,1,opt,name=gateway"` 1415 // The name of the storage system as configured in ScaleIO. 1416 System string `json:"system" protobuf:"bytes,2,opt,name=system"` 1417 // SecretRef references to the secret for ScaleIO user and other 1418 // sensitive information. If this is not provided, Login operation will fail. 1419 SecretRef *SecretReference `json:"secretRef" protobuf:"bytes,3,opt,name=secretRef"` 1420 // Flag to enable/disable SSL communication with Gateway, default false 1421 // +optional 1422 SSLEnabled bool `json:"sslEnabled,omitempty" protobuf:"varint,4,opt,name=sslEnabled"` 1423 // The name of the ScaleIO Protection Domain for the configured storage. 1424 // +optional 1425 ProtectionDomain string `json:"protectionDomain,omitempty" protobuf:"bytes,5,opt,name=protectionDomain"` 1426 // The ScaleIO Storage Pool associated with the protection domain. 1427 // +optional 1428 StoragePool string `json:"storagePool,omitempty" protobuf:"bytes,6,opt,name=storagePool"` 1429 // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. 1430 // Default is ThinProvisioned. 1431 // +optional 1432 StorageMode string `json:"storageMode,omitempty" protobuf:"bytes,7,opt,name=storageMode"` 1433 // The name of a volume already created in the ScaleIO system 1434 // that is associated with this volume source. 1435 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,8,opt,name=volumeName"` 1436 // Filesystem type to mount. 1437 // Must be a filesystem type supported by the host operating system. 1438 // Ex. "ext4", "xfs", "ntfs". 1439 // Default is "xfs" 1440 // +optional 1441 FSType string `json:"fsType,omitempty" protobuf:"bytes,9,opt,name=fsType"` 1442 // Defaults to false (read/write). ReadOnly here will force 1443 // the ReadOnly setting in VolumeMounts. 1444 // +optional 1445 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,10,opt,name=readOnly"` 1446} 1447 1448// Represents a StorageOS persistent volume resource. 1449type StorageOSVolumeSource struct { 1450 // VolumeName is the human-readable name of the StorageOS volume. Volume 1451 // names are only unique within a namespace. 1452 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,1,opt,name=volumeName"` 1453 // VolumeNamespace specifies the scope of the volume within StorageOS. If no 1454 // namespace is specified then the Pod's namespace will be used. This allows the 1455 // Kubernetes name scoping to be mirrored within StorageOS for tighter integration. 1456 // Set VolumeName to any name to override the default behaviour. 1457 // Set to "default" if you are not using namespaces within StorageOS. 1458 // Namespaces that do not pre-exist within StorageOS will be created. 1459 // +optional 1460 VolumeNamespace string `json:"volumeNamespace,omitempty" protobuf:"bytes,2,opt,name=volumeNamespace"` 1461 // Filesystem type to mount. 1462 // Must be a filesystem type supported by the host operating system. 1463 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1464 // +optional 1465 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 1466 // Defaults to false (read/write). ReadOnly here will force 1467 // the ReadOnly setting in VolumeMounts. 1468 // +optional 1469 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1470 // SecretRef specifies the secret to use for obtaining the StorageOS API 1471 // credentials. If not specified, default values will be attempted. 1472 // +optional 1473 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,5,opt,name=secretRef"` 1474} 1475 1476// Represents a StorageOS persistent volume resource. 1477type StorageOSPersistentVolumeSource struct { 1478 // VolumeName is the human-readable name of the StorageOS volume. Volume 1479 // names are only unique within a namespace. 1480 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,1,opt,name=volumeName"` 1481 // VolumeNamespace specifies the scope of the volume within StorageOS. If no 1482 // namespace is specified then the Pod's namespace will be used. This allows the 1483 // Kubernetes name scoping to be mirrored within StorageOS for tighter integration. 1484 // Set VolumeName to any name to override the default behaviour. 1485 // Set to "default" if you are not using namespaces within StorageOS. 1486 // Namespaces that do not pre-exist within StorageOS will be created. 1487 // +optional 1488 VolumeNamespace string `json:"volumeNamespace,omitempty" protobuf:"bytes,2,opt,name=volumeNamespace"` 1489 // Filesystem type to mount. 1490 // Must be a filesystem type supported by the host operating system. 1491 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1492 // +optional 1493 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 1494 // Defaults to false (read/write). ReadOnly here will force 1495 // the ReadOnly setting in VolumeMounts. 1496 // +optional 1497 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1498 // SecretRef specifies the secret to use for obtaining the StorageOS API 1499 // credentials. If not specified, default values will be attempted. 1500 // +optional 1501 SecretRef *ObjectReference `json:"secretRef,omitempty" protobuf:"bytes,5,opt,name=secretRef"` 1502} 1503 1504// Adapts a ConfigMap into a volume. 1505// 1506// The contents of the target ConfigMap's Data field will be presented in a 1507// volume as files using the keys in the Data field as the file names, unless 1508// the items element is populated with specific mappings of keys to paths. 1509// ConfigMap volumes support ownership management and SELinux relabeling. 1510type ConfigMapVolumeSource struct { 1511 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1512 // If unspecified, each key-value pair in the Data field of the referenced 1513 // ConfigMap will be projected into the volume as a file whose name is the 1514 // key and content is the value. If specified, the listed keys will be 1515 // projected into the specified paths, and unlisted keys will not be 1516 // present. If a key is specified which is not present in the ConfigMap, 1517 // the volume setup will error unless it is marked optional. Paths must be 1518 // relative and may not contain the '..' path or start with '..'. 1519 // +optional 1520 Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` 1521 // Optional: mode bits to use on created files by default. Must be a 1522 // value between 0 and 0777. Defaults to 0644. 1523 // Directories within the path are not affected by this setting. 1524 // This might be in conflict with other options that affect the file 1525 // mode, like fsGroup, and the result can be other mode bits set. 1526 // +optional 1527 DefaultMode *int32 `json:"defaultMode,omitempty" protobuf:"varint,3,opt,name=defaultMode"` 1528 // Specify whether the ConfigMap or its keys must be defined 1529 // +optional 1530 Optional *bool `json:"optional,omitempty" protobuf:"varint,4,opt,name=optional"` 1531} 1532 1533const ( 1534 ConfigMapVolumeSourceDefaultMode int32 = 0644 1535) 1536 1537// Adapts a ConfigMap into a projected volume. 1538// 1539// The contents of the target ConfigMap's Data field will be presented in a 1540// projected volume as files using the keys in the Data field as the file names, 1541// unless the items element is populated with specific mappings of keys to paths. 1542// Note that this is identical to a configmap volume source without the default 1543// mode. 1544type ConfigMapProjection struct { 1545 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1546 // If unspecified, each key-value pair in the Data field of the referenced 1547 // ConfigMap will be projected into the volume as a file whose name is the 1548 // key and content is the value. If specified, the listed keys will be 1549 // projected into the specified paths, and unlisted keys will not be 1550 // present. If a key is specified which is not present in the ConfigMap, 1551 // the volume setup will error unless it is marked optional. Paths must be 1552 // relative and may not contain the '..' path or start with '..'. 1553 // +optional 1554 Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` 1555 // Specify whether the ConfigMap or its keys must be defined 1556 // +optional 1557 Optional *bool `json:"optional,omitempty" protobuf:"varint,4,opt,name=optional"` 1558} 1559 1560// ServiceAccountTokenProjection represents a projected service account token 1561// volume. This projection can be used to insert a service account token into 1562// the pods runtime filesystem for use against APIs (Kubernetes API Server or 1563// otherwise). 1564type ServiceAccountTokenProjection struct { 1565 // Audience is the intended audience of the token. A recipient of a token 1566 // must identify itself with an identifier specified in the audience of the 1567 // token, and otherwise should reject the token. The audience defaults to the 1568 // identifier of the apiserver. 1569 //+optional 1570 Audience string `json:"audience,omitempty" protobuf:"bytes,1,rep,name=audience"` 1571 // ExpirationSeconds is the requested duration of validity of the service 1572 // account token. As the token approaches expiration, the kubelet volume 1573 // plugin will proactively rotate the service account token. The kubelet will 1574 // start trying to rotate the token if the token is older than 80 percent of 1575 // its time to live or if the token is older than 24 hours.Defaults to 1 hour 1576 // and must be at least 10 minutes. 1577 //+optional 1578 ExpirationSeconds *int64 `json:"expirationSeconds,omitempty" protobuf:"varint,2,opt,name=expirationSeconds"` 1579 // Path is the path relative to the mount point of the file to project the 1580 // token into. 1581 Path string `json:"path" protobuf:"bytes,3,opt,name=path"` 1582} 1583 1584// Represents a projected volume source 1585type ProjectedVolumeSource struct { 1586 // list of volume projections 1587 Sources []VolumeProjection `json:"sources" protobuf:"bytes,1,rep,name=sources"` 1588 // Mode bits to use on created files by default. Must be a value between 1589 // 0 and 0777. 1590 // Directories within the path are not affected by this setting. 1591 // This might be in conflict with other options that affect the file 1592 // mode, like fsGroup, and the result can be other mode bits set. 1593 // +optional 1594 DefaultMode *int32 `json:"defaultMode,omitempty" protobuf:"varint,2,opt,name=defaultMode"` 1595} 1596 1597// Projection that may be projected along with other supported volume types 1598type VolumeProjection struct { 1599 // all types below are the supported types for projection into the same volume 1600 1601 // information about the secret data to project 1602 // +optional 1603 Secret *SecretProjection `json:"secret,omitempty" protobuf:"bytes,1,opt,name=secret"` 1604 // information about the downwardAPI data to project 1605 // +optional 1606 DownwardAPI *DownwardAPIProjection `json:"downwardAPI,omitempty" protobuf:"bytes,2,opt,name=downwardAPI"` 1607 // information about the configMap data to project 1608 // +optional 1609 ConfigMap *ConfigMapProjection `json:"configMap,omitempty" protobuf:"bytes,3,opt,name=configMap"` 1610 // information about the serviceAccountToken data to project 1611 // +optional 1612 ServiceAccountToken *ServiceAccountTokenProjection `json:"serviceAccountToken,omitempty" protobuf:"bytes,4,opt,name=serviceAccountToken"` 1613} 1614 1615const ( 1616 ProjectedVolumeSourceDefaultMode int32 = 0644 1617) 1618 1619// Maps a string key to a path within a volume. 1620type KeyToPath struct { 1621 // The key to project. 1622 Key string `json:"key" protobuf:"bytes,1,opt,name=key"` 1623 1624 // The relative path of the file to map the key to. 1625 // May not be an absolute path. 1626 // May not contain the path element '..'. 1627 // May not start with the string '..'. 1628 Path string `json:"path" protobuf:"bytes,2,opt,name=path"` 1629 // Optional: mode bits to use on this file, must be a value between 0 1630 // and 0777. If not specified, the volume defaultMode will be used. 1631 // This might be in conflict with other options that affect the file 1632 // mode, like fsGroup, and the result can be other mode bits set. 1633 // +optional 1634 Mode *int32 `json:"mode,omitempty" protobuf:"varint,3,opt,name=mode"` 1635} 1636 1637// Local represents directly-attached storage with node affinity (Beta feature) 1638type LocalVolumeSource struct { 1639 // The full path to the volume on the node. 1640 // It can be either a directory or block device (disk, partition, ...). 1641 Path string `json:"path" protobuf:"bytes,1,opt,name=path"` 1642 1643 // Filesystem type to mount. 1644 // It applies only when the Path is a block device. 1645 // Must be a filesystem type supported by the host operating system. 1646 // Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a fileystem if unspecified. 1647 // +optional 1648 FSType *string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1649} 1650 1651// Represents storage that is managed by an external CSI volume driver (Beta feature) 1652type CSIPersistentVolumeSource struct { 1653 // Driver is the name of the driver to use for this volume. 1654 // Required. 1655 Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"` 1656 1657 // VolumeHandle is the unique volume name returned by the CSI volume 1658 // plugin’s CreateVolume to refer to the volume on all subsequent calls. 1659 // Required. 1660 VolumeHandle string `json:"volumeHandle" protobuf:"bytes,2,opt,name=volumeHandle"` 1661 1662 // Optional: The value to pass to ControllerPublishVolumeRequest. 1663 // Defaults to false (read/write). 1664 // +optional 1665 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1666 1667 // Filesystem type to mount. 1668 // Must be a filesystem type supported by the host operating system. 1669 // Ex. "ext4", "xfs", "ntfs". 1670 // +optional 1671 FSType string `json:"fsType,omitempty" protobuf:"bytes,4,opt,name=fsType"` 1672 1673 // Attributes of the volume to publish. 1674 // +optional 1675 VolumeAttributes map[string]string `json:"volumeAttributes,omitempty" protobuf:"bytes,5,rep,name=volumeAttributes"` 1676 1677 // ControllerPublishSecretRef is a reference to the secret object containing 1678 // sensitive information to pass to the CSI driver to complete the CSI 1679 // ControllerPublishVolume and ControllerUnpublishVolume calls. 1680 // This field is optional, and may be empty if no secret is required. If the 1681 // secret object contains more than one secret, all secrets are passed. 1682 // +optional 1683 ControllerPublishSecretRef *SecretReference `json:"controllerPublishSecretRef,omitempty" protobuf:"bytes,6,opt,name=controllerPublishSecretRef"` 1684 1685 // NodeStageSecretRef is a reference to the secret object containing sensitive 1686 // information to pass to the CSI driver to complete the CSI NodeStageVolume 1687 // and NodeStageVolume and NodeUnstageVolume calls. 1688 // This field is optional, and may be empty if no secret is required. If the 1689 // secret object contains more than one secret, all secrets are passed. 1690 // +optional 1691 NodeStageSecretRef *SecretReference `json:"nodeStageSecretRef,omitempty" protobuf:"bytes,7,opt,name=nodeStageSecretRef"` 1692 1693 // NodePublishSecretRef is a reference to the secret object containing 1694 // sensitive information to pass to the CSI driver to complete the CSI 1695 // NodePublishVolume and NodeUnpublishVolume calls. 1696 // This field is optional, and may be empty if no secret is required. If the 1697 // secret object contains more than one secret, all secrets are passed. 1698 // +optional 1699 NodePublishSecretRef *SecretReference `json:"nodePublishSecretRef,omitempty" protobuf:"bytes,8,opt,name=nodePublishSecretRef"` 1700 1701 // ControllerExpandSecretRef is a reference to the secret object containing 1702 // sensitive information to pass to the CSI driver to complete the CSI 1703 // ControllerExpandVolume call. 1704 // This is an alpha field and requires enabling ExpandCSIVolumes feature gate. 1705 // This field is optional, and may be empty if no secret is required. If the 1706 // secret object contains more than one secret, all secrets are passed. 1707 // +optional 1708 ControllerExpandSecretRef *SecretReference `json:"controllerExpandSecretRef,omitempty" protobuf:"bytes,9,opt,name=controllerExpandSecretRef"` 1709} 1710 1711// Represents a source location of a volume to mount, managed by an external CSI driver 1712type CSIVolumeSource struct { 1713 // Driver is the name of the CSI driver that handles this volume. 1714 // Consult with your admin for the correct name as registered in the cluster. 1715 Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"` 1716 1717 // Specifies a read-only configuration for the volume. 1718 // Defaults to false (read/write). 1719 // +optional 1720 ReadOnly *bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"` 1721 1722 // Filesystem type to mount. Ex. "ext4", "xfs", "ntfs". 1723 // If not provided, the empty value is passed to the associated CSI driver 1724 // which will determine the default filesystem to apply. 1725 // +optional 1726 FSType *string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 1727 1728 // VolumeAttributes stores driver-specific properties that are passed to the CSI 1729 // driver. Consult your driver's documentation for supported values. 1730 // +optional 1731 VolumeAttributes map[string]string `json:"volumeAttributes,omitempty" protobuf:"bytes,4,rep,name=volumeAttributes"` 1732 1733 // NodePublishSecretRef is a reference to the secret object containing 1734 // sensitive information to pass to the CSI driver to complete the CSI 1735 // NodePublishVolume and NodeUnpublishVolume calls. 1736 // This field is optional, and may be empty if no secret is required. If the 1737 // secret object contains more than one secret, all secret references are passed. 1738 // +optional 1739 NodePublishSecretRef *LocalObjectReference `json:"nodePublishSecretRef,omitempty" protobuf:"bytes,5,opt,name=nodePublishSecretRef"` 1740} 1741 1742// ContainerPort represents a network port in a single container. 1743type ContainerPort struct { 1744 // If specified, this must be an IANA_SVC_NAME and unique within the pod. Each 1745 // named port in a pod must have a unique name. Name for the port that can be 1746 // referred to by services. 1747 // +optional 1748 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 1749 // Number of port to expose on the host. 1750 // If specified, this must be a valid port number, 0 < x < 65536. 1751 // If HostNetwork is specified, this must match ContainerPort. 1752 // Most containers do not need this. 1753 // +optional 1754 HostPort int32 `json:"hostPort,omitempty" protobuf:"varint,2,opt,name=hostPort"` 1755 // Number of port to expose on the pod's IP address. 1756 // This must be a valid port number, 0 < x < 65536. 1757 ContainerPort int32 `json:"containerPort" protobuf:"varint,3,opt,name=containerPort"` 1758 // Protocol for port. Must be UDP, TCP, or SCTP. 1759 // Defaults to "TCP". 1760 // +optional 1761 Protocol Protocol `json:"protocol,omitempty" protobuf:"bytes,4,opt,name=protocol,casttype=Protocol"` 1762 // What host IP to bind the external port to. 1763 // +optional 1764 HostIP string `json:"hostIP,omitempty" protobuf:"bytes,5,opt,name=hostIP"` 1765} 1766 1767// VolumeMount describes a mounting of a Volume within a container. 1768type VolumeMount struct { 1769 // This must match the Name of a Volume. 1770 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 1771 // Mounted read-only if true, read-write otherwise (false or unspecified). 1772 // Defaults to false. 1773 // +optional 1774 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"` 1775 // Path within the container at which the volume should be mounted. Must 1776 // not contain ':'. 1777 MountPath string `json:"mountPath" protobuf:"bytes,3,opt,name=mountPath"` 1778 // Path within the volume from which the container's volume should be mounted. 1779 // Defaults to "" (volume's root). 1780 // +optional 1781 SubPath string `json:"subPath,omitempty" protobuf:"bytes,4,opt,name=subPath"` 1782 // mountPropagation determines how mounts are propagated from the host 1783 // to container and the other way around. 1784 // When not set, MountPropagationNone is used. 1785 // This field is beta in 1.10. 1786 // +optional 1787 MountPropagation *MountPropagationMode `json:"mountPropagation,omitempty" protobuf:"bytes,5,opt,name=mountPropagation,casttype=MountPropagationMode"` 1788 // Expanded path within the volume from which the container's volume should be mounted. 1789 // Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. 1790 // Defaults to "" (volume's root). 1791 // SubPathExpr and SubPath are mutually exclusive. 1792 // +optional 1793 SubPathExpr string `json:"subPathExpr,omitempty" protobuf:"bytes,6,opt,name=subPathExpr"` 1794} 1795 1796// MountPropagationMode describes mount propagation. 1797type MountPropagationMode string 1798 1799const ( 1800 // MountPropagationNone means that the volume in a container will 1801 // not receive new mounts from the host or other containers, and filesystems 1802 // mounted inside the container won't be propagated to the host or other 1803 // containers. 1804 // Note that this mode corresponds to "private" in Linux terminology. 1805 MountPropagationNone MountPropagationMode = "None" 1806 // MountPropagationHostToContainer means that the volume in a container will 1807 // receive new mounts from the host or other containers, but filesystems 1808 // mounted inside the container won't be propagated to the host or other 1809 // containers. 1810 // Note that this mode is recursively applied to all mounts in the volume 1811 // ("rslave" in Linux terminology). 1812 MountPropagationHostToContainer MountPropagationMode = "HostToContainer" 1813 // MountPropagationBidirectional means that the volume in a container will 1814 // receive new mounts from the host or other containers, and its own mounts 1815 // will be propagated from the container to the host or other containers. 1816 // Note that this mode is recursively applied to all mounts in the volume 1817 // ("rshared" in Linux terminology). 1818 MountPropagationBidirectional MountPropagationMode = "Bidirectional" 1819) 1820 1821// volumeDevice describes a mapping of a raw block device within a container. 1822type VolumeDevice struct { 1823 // name must match the name of a persistentVolumeClaim in the pod 1824 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 1825 // devicePath is the path inside of the container that the device will be mapped to. 1826 DevicePath string `json:"devicePath" protobuf:"bytes,2,opt,name=devicePath"` 1827} 1828 1829// EnvVar represents an environment variable present in a Container. 1830type EnvVar struct { 1831 // Name of the environment variable. Must be a C_IDENTIFIER. 1832 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 1833 1834 // Optional: no more than one of the following may be specified. 1835 1836 // Variable references $(VAR_NAME) are expanded 1837 // using the previous defined environment variables in the container and 1838 // any service environment variables. If a variable cannot be resolved, 1839 // the reference in the input string will be unchanged. The $(VAR_NAME) 1840 // syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 1841 // references will never be expanded, regardless of whether the variable 1842 // exists or not. 1843 // Defaults to "". 1844 // +optional 1845 Value string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"` 1846 // Source for the environment variable's value. Cannot be used if value is not empty. 1847 // +optional 1848 ValueFrom *EnvVarSource `json:"valueFrom,omitempty" protobuf:"bytes,3,opt,name=valueFrom"` 1849} 1850 1851// EnvVarSource represents a source for the value of an EnvVar. 1852type EnvVarSource struct { 1853 // Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, 1854 // spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. 1855 // +optional 1856 FieldRef *ObjectFieldSelector `json:"fieldRef,omitempty" protobuf:"bytes,1,opt,name=fieldRef"` 1857 // Selects a resource of the container: only resources limits and requests 1858 // (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 1859 // +optional 1860 ResourceFieldRef *ResourceFieldSelector `json:"resourceFieldRef,omitempty" protobuf:"bytes,2,opt,name=resourceFieldRef"` 1861 // Selects a key of a ConfigMap. 1862 // +optional 1863 ConfigMapKeyRef *ConfigMapKeySelector `json:"configMapKeyRef,omitempty" protobuf:"bytes,3,opt,name=configMapKeyRef"` 1864 // Selects a key of a secret in the pod's namespace 1865 // +optional 1866 SecretKeyRef *SecretKeySelector `json:"secretKeyRef,omitempty" protobuf:"bytes,4,opt,name=secretKeyRef"` 1867} 1868 1869// ObjectFieldSelector selects an APIVersioned field of an object. 1870type ObjectFieldSelector struct { 1871 // Version of the schema the FieldPath is written in terms of, defaults to "v1". 1872 // +optional 1873 APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,1,opt,name=apiVersion"` 1874 // Path of the field to select in the specified API version. 1875 FieldPath string `json:"fieldPath" protobuf:"bytes,2,opt,name=fieldPath"` 1876} 1877 1878// ResourceFieldSelector represents container resources (cpu, memory) and their output format 1879type ResourceFieldSelector struct { 1880 // Container name: required for volumes, optional for env vars 1881 // +optional 1882 ContainerName string `json:"containerName,omitempty" protobuf:"bytes,1,opt,name=containerName"` 1883 // Required: resource to select 1884 Resource string `json:"resource" protobuf:"bytes,2,opt,name=resource"` 1885 // Specifies the output format of the exposed resources, defaults to "1" 1886 // +optional 1887 Divisor resource.Quantity `json:"divisor,omitempty" protobuf:"bytes,3,opt,name=divisor"` 1888} 1889 1890// Selects a key from a ConfigMap. 1891type ConfigMapKeySelector struct { 1892 // The ConfigMap to select from. 1893 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1894 // The key to select. 1895 Key string `json:"key" protobuf:"bytes,2,opt,name=key"` 1896 // Specify whether the ConfigMap or its key must be defined 1897 // +optional 1898 Optional *bool `json:"optional,omitempty" protobuf:"varint,3,opt,name=optional"` 1899} 1900 1901// SecretKeySelector selects a key of a Secret. 1902type SecretKeySelector struct { 1903 // The name of the secret in the pod's namespace to select from. 1904 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1905 // The key of the secret to select from. Must be a valid secret key. 1906 Key string `json:"key" protobuf:"bytes,2,opt,name=key"` 1907 // Specify whether the Secret or its key must be defined 1908 // +optional 1909 Optional *bool `json:"optional,omitempty" protobuf:"varint,3,opt,name=optional"` 1910} 1911 1912// EnvFromSource represents the source of a set of ConfigMaps 1913type EnvFromSource struct { 1914 // An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 1915 // +optional 1916 Prefix string `json:"prefix,omitempty" protobuf:"bytes,1,opt,name=prefix"` 1917 // The ConfigMap to select from 1918 // +optional 1919 ConfigMapRef *ConfigMapEnvSource `json:"configMapRef,omitempty" protobuf:"bytes,2,opt,name=configMapRef"` 1920 // The Secret to select from 1921 // +optional 1922 SecretRef *SecretEnvSource `json:"secretRef,omitempty" protobuf:"bytes,3,opt,name=secretRef"` 1923} 1924 1925// ConfigMapEnvSource selects a ConfigMap to populate the environment 1926// variables with. 1927// 1928// The contents of the target ConfigMap's Data field will represent the 1929// key-value pairs as environment variables. 1930type ConfigMapEnvSource struct { 1931 // The ConfigMap to select from. 1932 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1933 // Specify whether the ConfigMap must be defined 1934 // +optional 1935 Optional *bool `json:"optional,omitempty" protobuf:"varint,2,opt,name=optional"` 1936} 1937 1938// SecretEnvSource selects a Secret to populate the environment 1939// variables with. 1940// 1941// The contents of the target Secret's Data field will represent the 1942// key-value pairs as environment variables. 1943type SecretEnvSource struct { 1944 // The Secret to select from. 1945 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1946 // Specify whether the Secret must be defined 1947 // +optional 1948 Optional *bool `json:"optional,omitempty" protobuf:"varint,2,opt,name=optional"` 1949} 1950 1951// HTTPHeader describes a custom header to be used in HTTP probes 1952type HTTPHeader struct { 1953 // The header field name 1954 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 1955 // The header field value 1956 Value string `json:"value" protobuf:"bytes,2,opt,name=value"` 1957} 1958 1959// HTTPGetAction describes an action based on HTTP Get requests. 1960type HTTPGetAction struct { 1961 // Path to access on the HTTP server. 1962 // +optional 1963 Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` 1964 // Name or number of the port to access on the container. 1965 // Number must be in the range 1 to 65535. 1966 // Name must be an IANA_SVC_NAME. 1967 Port intstr.IntOrString `json:"port" protobuf:"bytes,2,opt,name=port"` 1968 // Host name to connect to, defaults to the pod IP. You probably want to set 1969 // "Host" in httpHeaders instead. 1970 // +optional 1971 Host string `json:"host,omitempty" protobuf:"bytes,3,opt,name=host"` 1972 // Scheme to use for connecting to the host. 1973 // Defaults to HTTP. 1974 // +optional 1975 Scheme URIScheme `json:"scheme,omitempty" protobuf:"bytes,4,opt,name=scheme,casttype=URIScheme"` 1976 // Custom headers to set in the request. HTTP allows repeated headers. 1977 // +optional 1978 HTTPHeaders []HTTPHeader `json:"httpHeaders,omitempty" protobuf:"bytes,5,rep,name=httpHeaders"` 1979} 1980 1981// URIScheme identifies the scheme used for connection to a host for Get actions 1982type URIScheme string 1983 1984const ( 1985 // URISchemeHTTP means that the scheme used will be http:// 1986 URISchemeHTTP URIScheme = "HTTP" 1987 // URISchemeHTTPS means that the scheme used will be https:// 1988 URISchemeHTTPS URIScheme = "HTTPS" 1989) 1990 1991// TCPSocketAction describes an action based on opening a socket 1992type TCPSocketAction struct { 1993 // Number or name of the port to access on the container. 1994 // Number must be in the range 1 to 65535. 1995 // Name must be an IANA_SVC_NAME. 1996 Port intstr.IntOrString `json:"port" protobuf:"bytes,1,opt,name=port"` 1997 // Optional: Host name to connect to, defaults to the pod IP. 1998 // +optional 1999 Host string `json:"host,omitempty" protobuf:"bytes,2,opt,name=host"` 2000} 2001 2002// ExecAction describes a "run in container" action. 2003type ExecAction struct { 2004 // Command is the command line to execute inside the container, the working directory for the 2005 // command is root ('/') in the container's filesystem. The command is simply exec'd, it is 2006 // not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use 2007 // a shell, you need to explicitly call out to that shell. 2008 // Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 2009 // +optional 2010 Command []string `json:"command,omitempty" protobuf:"bytes,1,rep,name=command"` 2011} 2012 2013// Probe describes a health check to be performed against a container to determine whether it is 2014// alive or ready to receive traffic. 2015type Probe struct { 2016 // The action taken to determine the health of a container 2017 Handler `json:",inline" protobuf:"bytes,1,opt,name=handler"` 2018 // Number of seconds after the container has started before liveness probes are initiated. 2019 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2020 // +optional 2021 InitialDelaySeconds int32 `json:"initialDelaySeconds,omitempty" protobuf:"varint,2,opt,name=initialDelaySeconds"` 2022 // Number of seconds after which the probe times out. 2023 // Defaults to 1 second. Minimum value is 1. 2024 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2025 // +optional 2026 TimeoutSeconds int32 `json:"timeoutSeconds,omitempty" protobuf:"varint,3,opt,name=timeoutSeconds"` 2027 // How often (in seconds) to perform the probe. 2028 // Default to 10 seconds. Minimum value is 1. 2029 // +optional 2030 PeriodSeconds int32 `json:"periodSeconds,omitempty" protobuf:"varint,4,opt,name=periodSeconds"` 2031 // Minimum consecutive successes for the probe to be considered successful after having failed. 2032 // Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 2033 // +optional 2034 SuccessThreshold int32 `json:"successThreshold,omitempty" protobuf:"varint,5,opt,name=successThreshold"` 2035 // Minimum consecutive failures for the probe to be considered failed after having succeeded. 2036 // Defaults to 3. Minimum value is 1. 2037 // +optional 2038 FailureThreshold int32 `json:"failureThreshold,omitempty" protobuf:"varint,6,opt,name=failureThreshold"` 2039} 2040 2041// PullPolicy describes a policy for if/when to pull a container image 2042type PullPolicy string 2043 2044const ( 2045 // PullAlways means that kubelet always attempts to pull the latest image. Container will fail If the pull fails. 2046 PullAlways PullPolicy = "Always" 2047 // PullNever means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present 2048 PullNever PullPolicy = "Never" 2049 // PullIfNotPresent means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails. 2050 PullIfNotPresent PullPolicy = "IfNotPresent" 2051) 2052 2053// PreemptionPolicy describes a policy for if/when to preempt a pod. 2054type PreemptionPolicy string 2055 2056const ( 2057 // PreemptLowerPriority means that pod can preempt other pods with lower priority. 2058 PreemptLowerPriority PreemptionPolicy = "PreemptLowerPriority" 2059 // PreemptNever means that pod never preempts other pods with lower priority. 2060 PreemptNever PreemptionPolicy = "Never" 2061) 2062 2063// TerminationMessagePolicy describes how termination messages are retrieved from a container. 2064type TerminationMessagePolicy string 2065 2066const ( 2067 // TerminationMessageReadFile is the default behavior and will set the container status message to 2068 // the contents of the container's terminationMessagePath when the container exits. 2069 TerminationMessageReadFile TerminationMessagePolicy = "File" 2070 // TerminationMessageFallbackToLogsOnError will read the most recent contents of the container logs 2071 // for the container status message when the container exits with an error and the 2072 // terminationMessagePath has no contents. 2073 TerminationMessageFallbackToLogsOnError TerminationMessagePolicy = "FallbackToLogsOnError" 2074) 2075 2076// Capability represent POSIX capabilities type 2077type Capability string 2078 2079// Adds and removes POSIX capabilities from running containers. 2080type Capabilities struct { 2081 // Added capabilities 2082 // +optional 2083 Add []Capability `json:"add,omitempty" protobuf:"bytes,1,rep,name=add,casttype=Capability"` 2084 // Removed capabilities 2085 // +optional 2086 Drop []Capability `json:"drop,omitempty" protobuf:"bytes,2,rep,name=drop,casttype=Capability"` 2087} 2088 2089// ResourceRequirements describes the compute resource requirements. 2090type ResourceRequirements struct { 2091 // Limits describes the maximum amount of compute resources allowed. 2092 // More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ 2093 // +optional 2094 Limits ResourceList `json:"limits,omitempty" protobuf:"bytes,1,rep,name=limits,casttype=ResourceList,castkey=ResourceName"` 2095 // Requests describes the minimum amount of compute resources required. 2096 // If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, 2097 // otherwise to an implementation-defined value. 2098 // More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ 2099 // +optional 2100 Requests ResourceList `json:"requests,omitempty" protobuf:"bytes,2,rep,name=requests,casttype=ResourceList,castkey=ResourceName"` 2101} 2102 2103const ( 2104 // TerminationMessagePathDefault means the default path to capture the application termination message running in a container 2105 TerminationMessagePathDefault string = "/dev/termination-log" 2106) 2107 2108// A single application container that you want to run within a pod. 2109type Container struct { 2110 // Name of the container specified as a DNS_LABEL. 2111 // Each container in a pod must have a unique name (DNS_LABEL). 2112 // Cannot be updated. 2113 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 2114 // Docker image name. 2115 // More info: https://kubernetes.io/docs/concepts/containers/images 2116 // This field is optional to allow higher level config management to default or override 2117 // container images in workload controllers like Deployments and StatefulSets. 2118 // +optional 2119 Image string `json:"image,omitempty" protobuf:"bytes,2,opt,name=image"` 2120 // Entrypoint array. Not executed within a shell. 2121 // The docker image's ENTRYPOINT is used if this is not provided. 2122 // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable 2123 // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax 2124 // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, 2125 // regardless of whether the variable exists or not. 2126 // Cannot be updated. 2127 // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 2128 // +optional 2129 Command []string `json:"command,omitempty" protobuf:"bytes,3,rep,name=command"` 2130 // Arguments to the entrypoint. 2131 // The docker image's CMD is used if this is not provided. 2132 // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable 2133 // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax 2134 // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, 2135 // regardless of whether the variable exists or not. 2136 // Cannot be updated. 2137 // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 2138 // +optional 2139 Args []string `json:"args,omitempty" protobuf:"bytes,4,rep,name=args"` 2140 // Container's working directory. 2141 // If not specified, the container runtime's default will be used, which 2142 // might be configured in the container image. 2143 // Cannot be updated. 2144 // +optional 2145 WorkingDir string `json:"workingDir,omitempty" protobuf:"bytes,5,opt,name=workingDir"` 2146 // List of ports to expose from the container. Exposing a port here gives 2147 // the system additional information about the network connections a 2148 // container uses, but is primarily informational. Not specifying a port here 2149 // DOES NOT prevent that port from being exposed. Any port which is 2150 // listening on the default "0.0.0.0" address inside a container will be 2151 // accessible from the network. 2152 // Cannot be updated. 2153 // +optional 2154 // +patchMergeKey=containerPort 2155 // +patchStrategy=merge 2156 // +listType=map 2157 // +listMapKey=containerPort 2158 // +listMapKey=protocol 2159 Ports []ContainerPort `json:"ports,omitempty" patchStrategy:"merge" patchMergeKey:"containerPort" protobuf:"bytes,6,rep,name=ports"` 2160 // List of sources to populate environment variables in the container. 2161 // The keys defined within a source must be a C_IDENTIFIER. All invalid keys 2162 // will be reported as an event when the container is starting. When a key exists in multiple 2163 // sources, the value associated with the last source will take precedence. 2164 // Values defined by an Env with a duplicate key will take precedence. 2165 // Cannot be updated. 2166 // +optional 2167 EnvFrom []EnvFromSource `json:"envFrom,omitempty" protobuf:"bytes,19,rep,name=envFrom"` 2168 // List of environment variables to set in the container. 2169 // Cannot be updated. 2170 // +optional 2171 // +patchMergeKey=name 2172 // +patchStrategy=merge 2173 Env []EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"` 2174 // Compute Resources required by this container. 2175 // Cannot be updated. 2176 // More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ 2177 // +optional 2178 Resources ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,8,opt,name=resources"` 2179 // Pod volumes to mount into the container's filesystem. 2180 // Cannot be updated. 2181 // +optional 2182 // +patchMergeKey=mountPath 2183 // +patchStrategy=merge 2184 VolumeMounts []VolumeMount `json:"volumeMounts,omitempty" patchStrategy:"merge" patchMergeKey:"mountPath" protobuf:"bytes,9,rep,name=volumeMounts"` 2185 // volumeDevices is the list of block devices to be used by the container. 2186 // +patchMergeKey=devicePath 2187 // +patchStrategy=merge 2188 // +optional 2189 VolumeDevices []VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"` 2190 // Periodic probe of container liveness. 2191 // Container will be restarted if the probe fails. 2192 // Cannot be updated. 2193 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2194 // +optional 2195 LivenessProbe *Probe `json:"livenessProbe,omitempty" protobuf:"bytes,10,opt,name=livenessProbe"` 2196 // Periodic probe of container service readiness. 2197 // Container will be removed from service endpoints if the probe fails. 2198 // Cannot be updated. 2199 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2200 // +optional 2201 ReadinessProbe *Probe `json:"readinessProbe,omitempty" protobuf:"bytes,11,opt,name=readinessProbe"` 2202 // StartupProbe indicates that the Pod has successfully initialized. 2203 // If specified, no other probes are executed until this completes successfully. 2204 // If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. 2205 // This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, 2206 // when it might take a long time to load data or warm a cache, than during steady-state operation. 2207 // This cannot be updated. 2208 // This is a beta feature enabled by the StartupProbe feature flag. 2209 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2210 // +optional 2211 StartupProbe *Probe `json:"startupProbe,omitempty" protobuf:"bytes,22,opt,name=startupProbe"` 2212 // Actions that the management system should take in response to container lifecycle events. 2213 // Cannot be updated. 2214 // +optional 2215 Lifecycle *Lifecycle `json:"lifecycle,omitempty" protobuf:"bytes,12,opt,name=lifecycle"` 2216 // Optional: Path at which the file to which the container's termination message 2217 // will be written is mounted into the container's filesystem. 2218 // Message written is intended to be brief final status, such as an assertion failure message. 2219 // Will be truncated by the node if greater than 4096 bytes. The total message length across 2220 // all containers will be limited to 12kb. 2221 // Defaults to /dev/termination-log. 2222 // Cannot be updated. 2223 // +optional 2224 TerminationMessagePath string `json:"terminationMessagePath,omitempty" protobuf:"bytes,13,opt,name=terminationMessagePath"` 2225 // Indicate how the termination message should be populated. File will use the contents of 2226 // terminationMessagePath to populate the container status message on both success and failure. 2227 // FallbackToLogsOnError will use the last chunk of container log output if the termination 2228 // message file is empty and the container exited with an error. 2229 // The log output is limited to 2048 bytes or 80 lines, whichever is smaller. 2230 // Defaults to File. 2231 // Cannot be updated. 2232 // +optional 2233 TerminationMessagePolicy TerminationMessagePolicy `json:"terminationMessagePolicy,omitempty" protobuf:"bytes,20,opt,name=terminationMessagePolicy,casttype=TerminationMessagePolicy"` 2234 // Image pull policy. 2235 // One of Always, Never, IfNotPresent. 2236 // Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. 2237 // Cannot be updated. 2238 // More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 2239 // +optional 2240 ImagePullPolicy PullPolicy `json:"imagePullPolicy,omitempty" protobuf:"bytes,14,opt,name=imagePullPolicy,casttype=PullPolicy"` 2241 // Security options the pod should run with. 2242 // More info: https://kubernetes.io/docs/concepts/policy/security-context/ 2243 // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ 2244 // +optional 2245 SecurityContext *SecurityContext `json:"securityContext,omitempty" protobuf:"bytes,15,opt,name=securityContext"` 2246 2247 // Variables for interactive containers, these have very specialized use-cases (e.g. debugging) 2248 // and shouldn't be used for general purpose containers. 2249 2250 // Whether this container should allocate a buffer for stdin in the container runtime. If this 2251 // is not set, reads from stdin in the container will always result in EOF. 2252 // Default is false. 2253 // +optional 2254 Stdin bool `json:"stdin,omitempty" protobuf:"varint,16,opt,name=stdin"` 2255 // Whether the container runtime should close the stdin channel after it has been opened by 2256 // a single attach. When stdin is true the stdin stream will remain open across multiple attach 2257 // sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the 2258 // first client attaches to stdin, and then remains open and accepts data until the client disconnects, 2259 // at which time stdin is closed and remains closed until the container is restarted. If this 2260 // flag is false, a container processes that reads from stdin will never receive an EOF. 2261 // Default is false 2262 // +optional 2263 StdinOnce bool `json:"stdinOnce,omitempty" protobuf:"varint,17,opt,name=stdinOnce"` 2264 // Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. 2265 // Default is false. 2266 // +optional 2267 TTY bool `json:"tty,omitempty" protobuf:"varint,18,opt,name=tty"` 2268} 2269 2270// Handler defines a specific action that should be taken 2271// TODO: pass structured data to these actions, and document that data here. 2272type Handler struct { 2273 // One and only one of the following should be specified. 2274 // Exec specifies the action to take. 2275 // +optional 2276 Exec *ExecAction `json:"exec,omitempty" protobuf:"bytes,1,opt,name=exec"` 2277 // HTTPGet specifies the http request to perform. 2278 // +optional 2279 HTTPGet *HTTPGetAction `json:"httpGet,omitempty" protobuf:"bytes,2,opt,name=httpGet"` 2280 // TCPSocket specifies an action involving a TCP port. 2281 // TCP hooks not yet supported 2282 // TODO: implement a realistic TCP lifecycle hook 2283 // +optional 2284 TCPSocket *TCPSocketAction `json:"tcpSocket,omitempty" protobuf:"bytes,3,opt,name=tcpSocket"` 2285} 2286 2287// Lifecycle describes actions that the management system should take in response to container lifecycle 2288// events. For the PostStart and PreStop lifecycle handlers, management of the container blocks 2289// until the action is complete, unless the container process fails, in which case the handler is aborted. 2290type Lifecycle struct { 2291 // PostStart is called immediately after a container is created. If the handler fails, 2292 // the container is terminated and restarted according to its restart policy. 2293 // Other management of the container blocks until the hook completes. 2294 // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks 2295 // +optional 2296 PostStart *Handler `json:"postStart,omitempty" protobuf:"bytes,1,opt,name=postStart"` 2297 // PreStop is called immediately before a container is terminated due to an 2298 // API request or management event such as liveness/startup probe failure, 2299 // preemption, resource contention, etc. The handler is not called if the 2300 // container crashes or exits. The reason for termination is passed to the 2301 // handler. The Pod's termination grace period countdown begins before the 2302 // PreStop hooked is executed. Regardless of the outcome of the handler, the 2303 // container will eventually terminate within the Pod's termination grace 2304 // period. Other management of the container blocks until the hook completes 2305 // or until the termination grace period is reached. 2306 // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks 2307 // +optional 2308 PreStop *Handler `json:"preStop,omitempty" protobuf:"bytes,2,opt,name=preStop"` 2309} 2310 2311type ConditionStatus string 2312 2313// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. 2314// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes 2315// can't decide if a resource is in the condition or not. In the future, we could add other 2316// intermediate conditions, e.g. ConditionDegraded. 2317const ( 2318 ConditionTrue ConditionStatus = "True" 2319 ConditionFalse ConditionStatus = "False" 2320 ConditionUnknown ConditionStatus = "Unknown" 2321) 2322 2323// ContainerStateWaiting is a waiting state of a container. 2324type ContainerStateWaiting struct { 2325 // (brief) reason the container is not yet running. 2326 // +optional 2327 Reason string `json:"reason,omitempty" protobuf:"bytes,1,opt,name=reason"` 2328 // Message regarding why the container is not yet running. 2329 // +optional 2330 Message string `json:"message,omitempty" protobuf:"bytes,2,opt,name=message"` 2331} 2332 2333// ContainerStateRunning is a running state of a container. 2334type ContainerStateRunning struct { 2335 // Time at which the container was last (re-)started 2336 // +optional 2337 StartedAt metav1.Time `json:"startedAt,omitempty" protobuf:"bytes,1,opt,name=startedAt"` 2338} 2339 2340// ContainerStateTerminated is a terminated state of a container. 2341type ContainerStateTerminated struct { 2342 // Exit status from the last termination of the container 2343 ExitCode int32 `json:"exitCode" protobuf:"varint,1,opt,name=exitCode"` 2344 // Signal from the last termination of the container 2345 // +optional 2346 Signal int32 `json:"signal,omitempty" protobuf:"varint,2,opt,name=signal"` 2347 // (brief) reason from the last termination of the container 2348 // +optional 2349 Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` 2350 // Message regarding the last termination of the container 2351 // +optional 2352 Message string `json:"message,omitempty" protobuf:"bytes,4,opt,name=message"` 2353 // Time at which previous execution of the container started 2354 // +optional 2355 StartedAt metav1.Time `json:"startedAt,omitempty" protobuf:"bytes,5,opt,name=startedAt"` 2356 // Time at which the container last terminated 2357 // +optional 2358 FinishedAt metav1.Time `json:"finishedAt,omitempty" protobuf:"bytes,6,opt,name=finishedAt"` 2359 // Container's ID in the format 'docker://<container_id>' 2360 // +optional 2361 ContainerID string `json:"containerID,omitempty" protobuf:"bytes,7,opt,name=containerID"` 2362} 2363 2364// ContainerState holds a possible state of container. 2365// Only one of its members may be specified. 2366// If none of them is specified, the default one is ContainerStateWaiting. 2367type ContainerState struct { 2368 // Details about a waiting container 2369 // +optional 2370 Waiting *ContainerStateWaiting `json:"waiting,omitempty" protobuf:"bytes,1,opt,name=waiting"` 2371 // Details about a running container 2372 // +optional 2373 Running *ContainerStateRunning `json:"running,omitempty" protobuf:"bytes,2,opt,name=running"` 2374 // Details about a terminated container 2375 // +optional 2376 Terminated *ContainerStateTerminated `json:"terminated,omitempty" protobuf:"bytes,3,opt,name=terminated"` 2377} 2378 2379// ContainerStatus contains details for the current status of this container. 2380type ContainerStatus struct { 2381 // This must be a DNS_LABEL. Each container in a pod must have a unique name. 2382 // Cannot be updated. 2383 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 2384 // Details about the container's current condition. 2385 // +optional 2386 State ContainerState `json:"state,omitempty" protobuf:"bytes,2,opt,name=state"` 2387 // Details about the container's last termination condition. 2388 // +optional 2389 LastTerminationState ContainerState `json:"lastState,omitempty" protobuf:"bytes,3,opt,name=lastState"` 2390 // Specifies whether the container has passed its readiness probe. 2391 Ready bool `json:"ready" protobuf:"varint,4,opt,name=ready"` 2392 // The number of times the container has been restarted, currently based on 2393 // the number of dead containers that have not yet been removed. 2394 // Note that this is calculated from dead containers. But those containers are subject to 2395 // garbage collection. This value will get capped at 5 by GC. 2396 RestartCount int32 `json:"restartCount" protobuf:"varint,5,opt,name=restartCount"` 2397 // The image the container is running. 2398 // More info: https://kubernetes.io/docs/concepts/containers/images 2399 // TODO(dchen1107): Which image the container is running with? 2400 Image string `json:"image" protobuf:"bytes,6,opt,name=image"` 2401 // ImageID of the container's image. 2402 ImageID string `json:"imageID" protobuf:"bytes,7,opt,name=imageID"` 2403 // Container's ID in the format 'docker://<container_id>'. 2404 // +optional 2405 ContainerID string `json:"containerID,omitempty" protobuf:"bytes,8,opt,name=containerID"` 2406 // Specifies whether the container has passed its startup probe. 2407 // Initialized as false, becomes true after startupProbe is considered successful. 2408 // Resets to false when the container is restarted, or if kubelet loses state temporarily. 2409 // Is always true when no startupProbe is defined. 2410 // +optional 2411 Started *bool `json:"started,omitempty" protobuf:"varint,9,opt,name=started"` 2412} 2413 2414// PodPhase is a label for the condition of a pod at the current time. 2415type PodPhase string 2416 2417// These are the valid statuses of pods. 2418const ( 2419 // PodPending means the pod has been accepted by the system, but one or more of the containers 2420 // has not been started. This includes time before being bound to a node, as well as time spent 2421 // pulling images onto the host. 2422 PodPending PodPhase = "Pending" 2423 // PodRunning means the pod has been bound to a node and all of the containers have been started. 2424 // At least one container is still running or is in the process of being restarted. 2425 PodRunning PodPhase = "Running" 2426 // PodSucceeded means that all containers in the pod have voluntarily terminated 2427 // with a container exit code of 0, and the system is not going to restart any of these containers. 2428 PodSucceeded PodPhase = "Succeeded" 2429 // PodFailed means that all containers in the pod have terminated, and at least one container has 2430 // terminated in a failure (exited with a non-zero exit code or was stopped by the system). 2431 PodFailed PodPhase = "Failed" 2432 // PodUnknown means that for some reason the state of the pod could not be obtained, typically due 2433 // to an error in communicating with the host of the pod. 2434 PodUnknown PodPhase = "Unknown" 2435) 2436 2437// PodConditionType is a valid value for PodCondition.Type 2438type PodConditionType string 2439 2440// These are valid conditions of pod. 2441const ( 2442 // ContainersReady indicates whether all containers in the pod are ready. 2443 ContainersReady PodConditionType = "ContainersReady" 2444 // PodInitialized means that all init containers in the pod have started successfully. 2445 PodInitialized PodConditionType = "Initialized" 2446 // PodReady means the pod is able to service requests and should be added to the 2447 // load balancing pools of all matching services. 2448 PodReady PodConditionType = "Ready" 2449 // PodScheduled represents status of the scheduling process for this pod. 2450 PodScheduled PodConditionType = "PodScheduled" 2451) 2452 2453// These are reasons for a pod's transition to a condition. 2454const ( 2455 // PodReasonUnschedulable reason in PodScheduled PodCondition means that the scheduler 2456 // can't schedule the pod right now, for example due to insufficient resources in the cluster. 2457 PodReasonUnschedulable = "Unschedulable" 2458) 2459 2460// PodCondition contains details for the current condition of this pod. 2461type PodCondition struct { 2462 // Type is the type of the condition. 2463 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions 2464 Type PodConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=PodConditionType"` 2465 // Status is the status of the condition. 2466 // Can be True, False, Unknown. 2467 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions 2468 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 2469 // Last time we probed the condition. 2470 // +optional 2471 LastProbeTime metav1.Time `json:"lastProbeTime,omitempty" protobuf:"bytes,3,opt,name=lastProbeTime"` 2472 // Last time the condition transitioned from one status to another. 2473 // +optional 2474 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"` 2475 // Unique, one-word, CamelCase reason for the condition's last transition. 2476 // +optional 2477 Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"` 2478 // Human-readable message indicating details about last transition. 2479 // +optional 2480 Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"` 2481} 2482 2483// RestartPolicy describes how the container should be restarted. 2484// Only one of the following restart policies may be specified. 2485// If none of the following policies is specified, the default one 2486// is RestartPolicyAlways. 2487type RestartPolicy string 2488 2489const ( 2490 RestartPolicyAlways RestartPolicy = "Always" 2491 RestartPolicyOnFailure RestartPolicy = "OnFailure" 2492 RestartPolicyNever RestartPolicy = "Never" 2493) 2494 2495// DNSPolicy defines how a pod's DNS will be configured. 2496type DNSPolicy string 2497 2498const ( 2499 // DNSClusterFirstWithHostNet indicates that the pod should use cluster DNS 2500 // first, if it is available, then fall back on the default 2501 // (as determined by kubelet) DNS settings. 2502 DNSClusterFirstWithHostNet DNSPolicy = "ClusterFirstWithHostNet" 2503 2504 // DNSClusterFirst indicates that the pod should use cluster DNS 2505 // first unless hostNetwork is true, if it is available, then 2506 // fall back on the default (as determined by kubelet) DNS settings. 2507 DNSClusterFirst DNSPolicy = "ClusterFirst" 2508 2509 // DNSDefault indicates that the pod should use the default (as 2510 // determined by kubelet) DNS settings. 2511 DNSDefault DNSPolicy = "Default" 2512 2513 // DNSNone indicates that the pod should use empty DNS settings. DNS 2514 // parameters such as nameservers and search paths should be defined via 2515 // DNSConfig. 2516 DNSNone DNSPolicy = "None" 2517) 2518 2519const ( 2520 // DefaultTerminationGracePeriodSeconds indicates the default duration in 2521 // seconds a pod needs to terminate gracefully. 2522 DefaultTerminationGracePeriodSeconds = 30 2523) 2524 2525// A node selector represents the union of the results of one or more label queries 2526// over a set of nodes; that is, it represents the OR of the selectors represented 2527// by the node selector terms. 2528type NodeSelector struct { 2529 //Required. A list of node selector terms. The terms are ORed. 2530 NodeSelectorTerms []NodeSelectorTerm `json:"nodeSelectorTerms" protobuf:"bytes,1,rep,name=nodeSelectorTerms"` 2531} 2532 2533// A null or empty node selector term matches no objects. The requirements of 2534// them are ANDed. 2535// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. 2536type NodeSelectorTerm struct { 2537 // A list of node selector requirements by node's labels. 2538 // +optional 2539 MatchExpressions []NodeSelectorRequirement `json:"matchExpressions,omitempty" protobuf:"bytes,1,rep,name=matchExpressions"` 2540 // A list of node selector requirements by node's fields. 2541 // +optional 2542 MatchFields []NodeSelectorRequirement `json:"matchFields,omitempty" protobuf:"bytes,2,rep,name=matchFields"` 2543} 2544 2545// A node selector requirement is a selector that contains values, a key, and an operator 2546// that relates the key and values. 2547type NodeSelectorRequirement struct { 2548 // The label key that the selector applies to. 2549 Key string `json:"key" protobuf:"bytes,1,opt,name=key"` 2550 // Represents a key's relationship to a set of values. 2551 // Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. 2552 Operator NodeSelectorOperator `json:"operator" protobuf:"bytes,2,opt,name=operator,casttype=NodeSelectorOperator"` 2553 // An array of string values. If the operator is In or NotIn, 2554 // the values array must be non-empty. If the operator is Exists or DoesNotExist, 2555 // the values array must be empty. If the operator is Gt or Lt, the values 2556 // array must have a single element, which will be interpreted as an integer. 2557 // This array is replaced during a strategic merge patch. 2558 // +optional 2559 Values []string `json:"values,omitempty" protobuf:"bytes,3,rep,name=values"` 2560} 2561 2562// A node selector operator is the set of operators that can be used in 2563// a node selector requirement. 2564type NodeSelectorOperator string 2565 2566const ( 2567 NodeSelectorOpIn NodeSelectorOperator = "In" 2568 NodeSelectorOpNotIn NodeSelectorOperator = "NotIn" 2569 NodeSelectorOpExists NodeSelectorOperator = "Exists" 2570 NodeSelectorOpDoesNotExist NodeSelectorOperator = "DoesNotExist" 2571 NodeSelectorOpGt NodeSelectorOperator = "Gt" 2572 NodeSelectorOpLt NodeSelectorOperator = "Lt" 2573) 2574 2575// A topology selector term represents the result of label queries. 2576// A null or empty topology selector term matches no objects. 2577// The requirements of them are ANDed. 2578// It provides a subset of functionality as NodeSelectorTerm. 2579// This is an alpha feature and may change in the future. 2580type TopologySelectorTerm struct { 2581 // A list of topology selector requirements by labels. 2582 // +optional 2583 MatchLabelExpressions []TopologySelectorLabelRequirement `json:"matchLabelExpressions,omitempty" protobuf:"bytes,1,rep,name=matchLabelExpressions"` 2584} 2585 2586// A topology selector requirement is a selector that matches given label. 2587// This is an alpha feature and may change in the future. 2588type TopologySelectorLabelRequirement struct { 2589 // The label key that the selector applies to. 2590 Key string `json:"key" protobuf:"bytes,1,opt,name=key"` 2591 // An array of string values. One value must match the label to be selected. 2592 // Each entry in Values is ORed. 2593 Values []string `json:"values" protobuf:"bytes,2,rep,name=values"` 2594} 2595 2596// Affinity is a group of affinity scheduling rules. 2597type Affinity struct { 2598 // Describes node affinity scheduling rules for the pod. 2599 // +optional 2600 NodeAffinity *NodeAffinity `json:"nodeAffinity,omitempty" protobuf:"bytes,1,opt,name=nodeAffinity"` 2601 // Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). 2602 // +optional 2603 PodAffinity *PodAffinity `json:"podAffinity,omitempty" protobuf:"bytes,2,opt,name=podAffinity"` 2604 // Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). 2605 // +optional 2606 PodAntiAffinity *PodAntiAffinity `json:"podAntiAffinity,omitempty" protobuf:"bytes,3,opt,name=podAntiAffinity"` 2607} 2608 2609// Pod affinity is a group of inter pod affinity scheduling rules. 2610type PodAffinity struct { 2611 // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. 2612 // If the affinity requirements specified by this field are not met at 2613 // scheduling time, the pod will not be scheduled onto the node. 2614 // If the affinity requirements specified by this field cease to be met 2615 // at some point during pod execution (e.g. due to a pod label update), the 2616 // system will try to eventually evict the pod from its node. 2617 // When there are multiple elements, the lists of nodes corresponding to each 2618 // podAffinityTerm are intersected, i.e. all terms must be satisfied. 2619 // +optional 2620 // RequiredDuringSchedulingRequiredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingRequiredDuringExecution,omitempty"` 2621 2622 // If the affinity requirements specified by this field are not met at 2623 // scheduling time, the pod will not be scheduled onto the node. 2624 // If the affinity requirements specified by this field cease to be met 2625 // at some point during pod execution (e.g. due to a pod label update), the 2626 // system may or may not try to eventually evict the pod from its node. 2627 // When there are multiple elements, the lists of nodes corresponding to each 2628 // podAffinityTerm are intersected, i.e. all terms must be satisfied. 2629 // +optional 2630 RequiredDuringSchedulingIgnoredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,1,rep,name=requiredDuringSchedulingIgnoredDuringExecution"` 2631 // The scheduler will prefer to schedule pods to nodes that satisfy 2632 // the affinity expressions specified by this field, but it may choose 2633 // a node that violates one or more of the expressions. The node that is 2634 // most preferred is the one with the greatest sum of weights, i.e. 2635 // for each node that meets all of the scheduling requirements (resource 2636 // request, requiredDuringScheduling affinity expressions, etc.), 2637 // compute a sum by iterating through the elements of this field and adding 2638 // "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the 2639 // node(s) with the highest sum are the most preferred. 2640 // +optional 2641 PreferredDuringSchedulingIgnoredDuringExecution []WeightedPodAffinityTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"` 2642} 2643 2644// Pod anti affinity is a group of inter pod anti affinity scheduling rules. 2645type PodAntiAffinity struct { 2646 // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. 2647 // If the anti-affinity requirements specified by this field are not met at 2648 // scheduling time, the pod will not be scheduled onto the node. 2649 // If the anti-affinity requirements specified by this field cease to be met 2650 // at some point during pod execution (e.g. due to a pod label update), the 2651 // system will try to eventually evict the pod from its node. 2652 // When there are multiple elements, the lists of nodes corresponding to each 2653 // podAffinityTerm are intersected, i.e. all terms must be satisfied. 2654 // +optional 2655 // RequiredDuringSchedulingRequiredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingRequiredDuringExecution,omitempty"` 2656 2657 // If the anti-affinity requirements specified by this field are not met at 2658 // scheduling time, the pod will not be scheduled onto the node. 2659 // If the anti-affinity requirements specified by this field cease to be met 2660 // at some point during pod execution (e.g. due to a pod label update), the 2661 // system may or may not try to eventually evict the pod from its node. 2662 // When there are multiple elements, the lists of nodes corresponding to each 2663 // podAffinityTerm are intersected, i.e. all terms must be satisfied. 2664 // +optional 2665 RequiredDuringSchedulingIgnoredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,1,rep,name=requiredDuringSchedulingIgnoredDuringExecution"` 2666 // The scheduler will prefer to schedule pods to nodes that satisfy 2667 // the anti-affinity expressions specified by this field, but it may choose 2668 // a node that violates one or more of the expressions. The node that is 2669 // most preferred is the one with the greatest sum of weights, i.e. 2670 // for each node that meets all of the scheduling requirements (resource 2671 // request, requiredDuringScheduling anti-affinity expressions, etc.), 2672 // compute a sum by iterating through the elements of this field and adding 2673 // "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the 2674 // node(s) with the highest sum are the most preferred. 2675 // +optional 2676 PreferredDuringSchedulingIgnoredDuringExecution []WeightedPodAffinityTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"` 2677} 2678 2679// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) 2680type WeightedPodAffinityTerm struct { 2681 // weight associated with matching the corresponding podAffinityTerm, 2682 // in the range 1-100. 2683 Weight int32 `json:"weight" protobuf:"varint,1,opt,name=weight"` 2684 // Required. A pod affinity term, associated with the corresponding weight. 2685 PodAffinityTerm PodAffinityTerm `json:"podAffinityTerm" protobuf:"bytes,2,opt,name=podAffinityTerm"` 2686} 2687 2688// Defines a set of pods (namely those matching the labelSelector 2689// relative to the given namespace(s)) that this pod should be 2690// co-located (affinity) or not co-located (anti-affinity) with, 2691// where co-located is defined as running on a node whose value of 2692// the label with key <topologyKey> matches that of any node on which 2693// a pod of the set of pods is running 2694type PodAffinityTerm struct { 2695 // A label query over a set of resources, in this case pods. 2696 // +optional 2697 LabelSelector *metav1.LabelSelector `json:"labelSelector,omitempty" protobuf:"bytes,1,opt,name=labelSelector"` 2698 // namespaces specifies which namespaces the labelSelector applies to (matches against); 2699 // null or empty list means "this pod's namespace" 2700 // +optional 2701 Namespaces []string `json:"namespaces,omitempty" protobuf:"bytes,2,rep,name=namespaces"` 2702 // This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching 2703 // the labelSelector in the specified namespaces, where co-located is defined as running on a node 2704 // whose value of the label with key topologyKey matches that of any node on which any of the 2705 // selected pods is running. 2706 // Empty topologyKey is not allowed. 2707 TopologyKey string `json:"topologyKey" protobuf:"bytes,3,opt,name=topologyKey"` 2708} 2709 2710// Node affinity is a group of node affinity scheduling rules. 2711type NodeAffinity struct { 2712 // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. 2713 // If the affinity requirements specified by this field are not met at 2714 // scheduling time, the pod will not be scheduled onto the node. 2715 // If the affinity requirements specified by this field cease to be met 2716 // at some point during pod execution (e.g. due to an update), the system 2717 // will try to eventually evict the pod from its node. 2718 // +optional 2719 // RequiredDuringSchedulingRequiredDuringExecution *NodeSelector `json:"requiredDuringSchedulingRequiredDuringExecution,omitempty"` 2720 2721 // If the affinity requirements specified by this field are not met at 2722 // scheduling time, the pod will not be scheduled onto the node. 2723 // If the affinity requirements specified by this field cease to be met 2724 // at some point during pod execution (e.g. due to an update), the system 2725 // may or may not try to eventually evict the pod from its node. 2726 // +optional 2727 RequiredDuringSchedulingIgnoredDuringExecution *NodeSelector `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,1,opt,name=requiredDuringSchedulingIgnoredDuringExecution"` 2728 // The scheduler will prefer to schedule pods to nodes that satisfy 2729 // the affinity expressions specified by this field, but it may choose 2730 // a node that violates one or more of the expressions. The node that is 2731 // most preferred is the one with the greatest sum of weights, i.e. 2732 // for each node that meets all of the scheduling requirements (resource 2733 // request, requiredDuringScheduling affinity expressions, etc.), 2734 // compute a sum by iterating through the elements of this field and adding 2735 // "weight" to the sum if the node matches the corresponding matchExpressions; the 2736 // node(s) with the highest sum are the most preferred. 2737 // +optional 2738 PreferredDuringSchedulingIgnoredDuringExecution []PreferredSchedulingTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"` 2739} 2740 2741// An empty preferred scheduling term matches all objects with implicit weight 0 2742// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). 2743type PreferredSchedulingTerm struct { 2744 // Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. 2745 Weight int32 `json:"weight" protobuf:"varint,1,opt,name=weight"` 2746 // A node selector term, associated with the corresponding weight. 2747 Preference NodeSelectorTerm `json:"preference" protobuf:"bytes,2,opt,name=preference"` 2748} 2749 2750// The node this Taint is attached to has the "effect" on 2751// any pod that does not tolerate the Taint. 2752type Taint struct { 2753 // Required. The taint key to be applied to a node. 2754 Key string `json:"key" protobuf:"bytes,1,opt,name=key"` 2755 // The taint value corresponding to the taint key. 2756 // +optional 2757 Value string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"` 2758 // Required. The effect of the taint on pods 2759 // that do not tolerate the taint. 2760 // Valid effects are NoSchedule, PreferNoSchedule and NoExecute. 2761 Effect TaintEffect `json:"effect" protobuf:"bytes,3,opt,name=effect,casttype=TaintEffect"` 2762 // TimeAdded represents the time at which the taint was added. 2763 // It is only written for NoExecute taints. 2764 // +optional 2765 TimeAdded *metav1.Time `json:"timeAdded,omitempty" protobuf:"bytes,4,opt,name=timeAdded"` 2766} 2767 2768type TaintEffect string 2769 2770const ( 2771 // Do not allow new pods to schedule onto the node unless they tolerate the taint, 2772 // but allow all pods submitted to Kubelet without going through the scheduler 2773 // to start, and allow all already-running pods to continue running. 2774 // Enforced by the scheduler. 2775 TaintEffectNoSchedule TaintEffect = "NoSchedule" 2776 // Like TaintEffectNoSchedule, but the scheduler tries not to schedule 2777 // new pods onto the node, rather than prohibiting new pods from scheduling 2778 // onto the node entirely. Enforced by the scheduler. 2779 TaintEffectPreferNoSchedule TaintEffect = "PreferNoSchedule" 2780 // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. 2781 // Like TaintEffectNoSchedule, but additionally do not allow pods submitted to 2782 // Kubelet without going through the scheduler to start. 2783 // Enforced by Kubelet and the scheduler. 2784 // TaintEffectNoScheduleNoAdmit TaintEffect = "NoScheduleNoAdmit" 2785 2786 // Evict any already-running pods that do not tolerate the taint. 2787 // Currently enforced by NodeController. 2788 TaintEffectNoExecute TaintEffect = "NoExecute" 2789) 2790 2791// The pod this Toleration is attached to tolerates any taint that matches 2792// the triple <key,value,effect> using the matching operator <operator>. 2793type Toleration struct { 2794 // Key is the taint key that the toleration applies to. Empty means match all taint keys. 2795 // If the key is empty, operator must be Exists; this combination means to match all values and all keys. 2796 // +optional 2797 Key string `json:"key,omitempty" protobuf:"bytes,1,opt,name=key"` 2798 // Operator represents a key's relationship to the value. 2799 // Valid operators are Exists and Equal. Defaults to Equal. 2800 // Exists is equivalent to wildcard for value, so that a pod can 2801 // tolerate all taints of a particular category. 2802 // +optional 2803 Operator TolerationOperator `json:"operator,omitempty" protobuf:"bytes,2,opt,name=operator,casttype=TolerationOperator"` 2804 // Value is the taint value the toleration matches to. 2805 // If the operator is Exists, the value should be empty, otherwise just a regular string. 2806 // +optional 2807 Value string `json:"value,omitempty" protobuf:"bytes,3,opt,name=value"` 2808 // Effect indicates the taint effect to match. Empty means match all taint effects. 2809 // When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. 2810 // +optional 2811 Effect TaintEffect `json:"effect,omitempty" protobuf:"bytes,4,opt,name=effect,casttype=TaintEffect"` 2812 // TolerationSeconds represents the period of time the toleration (which must be 2813 // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, 2814 // it is not set, which means tolerate the taint forever (do not evict). Zero and 2815 // negative values will be treated as 0 (evict immediately) by the system. 2816 // +optional 2817 TolerationSeconds *int64 `json:"tolerationSeconds,omitempty" protobuf:"varint,5,opt,name=tolerationSeconds"` 2818} 2819 2820// A toleration operator is the set of operators that can be used in a toleration. 2821type TolerationOperator string 2822 2823const ( 2824 TolerationOpExists TolerationOperator = "Exists" 2825 TolerationOpEqual TolerationOperator = "Equal" 2826) 2827 2828// PodReadinessGate contains the reference to a pod condition 2829type PodReadinessGate struct { 2830 // ConditionType refers to a condition in the pod's condition list with matching type. 2831 ConditionType PodConditionType `json:"conditionType" protobuf:"bytes,1,opt,name=conditionType,casttype=PodConditionType"` 2832} 2833 2834// PodSpec is a description of a pod. 2835type PodSpec struct { 2836 // List of volumes that can be mounted by containers belonging to the pod. 2837 // More info: https://kubernetes.io/docs/concepts/storage/volumes 2838 // +optional 2839 // +patchMergeKey=name 2840 // +patchStrategy=merge,retainKeys 2841 Volumes []Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"` 2842 // List of initialization containers belonging to the pod. 2843 // Init containers are executed in order prior to containers being started. If any 2844 // init container fails, the pod is considered to have failed and is handled according 2845 // to its restartPolicy. The name for an init container or normal container must be 2846 // unique among all containers. 2847 // Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. 2848 // The resourceRequirements of an init container are taken into account during scheduling 2849 // by finding the highest request/limit for each resource type, and then using the max of 2850 // of that value or the sum of the normal containers. Limits are applied to init containers 2851 // in a similar fashion. 2852 // Init containers cannot currently be added or removed. 2853 // Cannot be updated. 2854 // More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 2855 // +patchMergeKey=name 2856 // +patchStrategy=merge 2857 InitContainers []Container `json:"initContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,20,rep,name=initContainers"` 2858 // List of containers belonging to the pod. 2859 // Containers cannot currently be added or removed. 2860 // There must be at least one container in a Pod. 2861 // Cannot be updated. 2862 // +patchMergeKey=name 2863 // +patchStrategy=merge 2864 Containers []Container `json:"containers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=containers"` 2865 // List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing 2866 // pod to perform user-initiated actions such as debugging. This list cannot be specified when 2867 // creating a pod, and it cannot be modified by updating the pod spec. In order to add an 2868 // ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. 2869 // This field is alpha-level and is only honored by servers that enable the EphemeralContainers feature. 2870 // +optional 2871 // +patchMergeKey=name 2872 // +patchStrategy=merge 2873 EphemeralContainers []EphemeralContainer `json:"ephemeralContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,34,rep,name=ephemeralContainers"` 2874 // Restart policy for all containers within the pod. 2875 // One of Always, OnFailure, Never. 2876 // Default to Always. 2877 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy 2878 // +optional 2879 RestartPolicy RestartPolicy `json:"restartPolicy,omitempty" protobuf:"bytes,3,opt,name=restartPolicy,casttype=RestartPolicy"` 2880 // Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. 2881 // Value must be non-negative integer. The value zero indicates delete immediately. 2882 // If this value is nil, the default grace period will be used instead. 2883 // The grace period is the duration in seconds after the processes running in the pod are sent 2884 // a termination signal and the time when the processes are forcibly halted with a kill signal. 2885 // Set this value longer than the expected cleanup time for your process. 2886 // Defaults to 30 seconds. 2887 // +optional 2888 TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty" protobuf:"varint,4,opt,name=terminationGracePeriodSeconds"` 2889 // Optional duration in seconds the pod may be active on the node relative to 2890 // StartTime before the system will actively try to mark it failed and kill associated containers. 2891 // Value must be a positive integer. 2892 // +optional 2893 ActiveDeadlineSeconds *int64 `json:"activeDeadlineSeconds,omitempty" protobuf:"varint,5,opt,name=activeDeadlineSeconds"` 2894 // Set DNS policy for the pod. 2895 // Defaults to "ClusterFirst". 2896 // Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. 2897 // DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. 2898 // To have DNS options set along with hostNetwork, you have to specify DNS policy 2899 // explicitly to 'ClusterFirstWithHostNet'. 2900 // +optional 2901 DNSPolicy DNSPolicy `json:"dnsPolicy,omitempty" protobuf:"bytes,6,opt,name=dnsPolicy,casttype=DNSPolicy"` 2902 // NodeSelector is a selector which must be true for the pod to fit on a node. 2903 // Selector which must match a node's labels for the pod to be scheduled on that node. 2904 // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ 2905 // +optional 2906 NodeSelector map[string]string `json:"nodeSelector,omitempty" protobuf:"bytes,7,rep,name=nodeSelector"` 2907 2908 // ServiceAccountName is the name of the ServiceAccount to use to run this pod. 2909 // More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ 2910 // +optional 2911 ServiceAccountName string `json:"serviceAccountName,omitempty" protobuf:"bytes,8,opt,name=serviceAccountName"` 2912 // DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. 2913 // Deprecated: Use serviceAccountName instead. 2914 // +k8s:conversion-gen=false 2915 // +optional 2916 DeprecatedServiceAccount string `json:"serviceAccount,omitempty" protobuf:"bytes,9,opt,name=serviceAccount"` 2917 // AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. 2918 // +optional 2919 AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty" protobuf:"varint,21,opt,name=automountServiceAccountToken"` 2920 2921 // NodeName is a request to schedule this pod onto a specific node. If it is non-empty, 2922 // the scheduler simply schedules this pod onto that node, assuming that it fits resource 2923 // requirements. 2924 // +optional 2925 NodeName string `json:"nodeName,omitempty" protobuf:"bytes,10,opt,name=nodeName"` 2926 // Host networking requested for this pod. Use the host's network namespace. 2927 // If this option is set, the ports that will be used must be specified. 2928 // Default to false. 2929 // +k8s:conversion-gen=false 2930 // +optional 2931 HostNetwork bool `json:"hostNetwork,omitempty" protobuf:"varint,11,opt,name=hostNetwork"` 2932 // Use the host's pid namespace. 2933 // Optional: Default to false. 2934 // +k8s:conversion-gen=false 2935 // +optional 2936 HostPID bool `json:"hostPID,omitempty" protobuf:"varint,12,opt,name=hostPID"` 2937 // Use the host's ipc namespace. 2938 // Optional: Default to false. 2939 // +k8s:conversion-gen=false 2940 // +optional 2941 HostIPC bool `json:"hostIPC,omitempty" protobuf:"varint,13,opt,name=hostIPC"` 2942 // Share a single process namespace between all of the containers in a pod. 2943 // When this is set containers will be able to view and signal processes from other containers 2944 // in the same pod, and the first process in each container will not be assigned PID 1. 2945 // HostPID and ShareProcessNamespace cannot both be set. 2946 // Optional: Default to false. 2947 // +k8s:conversion-gen=false 2948 // +optional 2949 ShareProcessNamespace *bool `json:"shareProcessNamespace,omitempty" protobuf:"varint,27,opt,name=shareProcessNamespace"` 2950 // SecurityContext holds pod-level security attributes and common container settings. 2951 // Optional: Defaults to empty. See type description for default values of each field. 2952 // +optional 2953 SecurityContext *PodSecurityContext `json:"securityContext,omitempty" protobuf:"bytes,14,opt,name=securityContext"` 2954 // ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. 2955 // If specified, these secrets will be passed to individual puller implementations for them to use. For example, 2956 // in the case of docker, only DockerConfig type secrets are honored. 2957 // More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod 2958 // +optional 2959 // +patchMergeKey=name 2960 // +patchStrategy=merge 2961 ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,15,rep,name=imagePullSecrets"` 2962 // Specifies the hostname of the Pod 2963 // If not specified, the pod's hostname will be set to a system-defined value. 2964 // +optional 2965 Hostname string `json:"hostname,omitempty" protobuf:"bytes,16,opt,name=hostname"` 2966 // If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>". 2967 // If not specified, the pod will not have a domainname at all. 2968 // +optional 2969 Subdomain string `json:"subdomain,omitempty" protobuf:"bytes,17,opt,name=subdomain"` 2970 // If specified, the pod's scheduling constraints 2971 // +optional 2972 Affinity *Affinity `json:"affinity,omitempty" protobuf:"bytes,18,opt,name=affinity"` 2973 // If specified, the pod will be dispatched by specified scheduler. 2974 // If not specified, the pod will be dispatched by default scheduler. 2975 // +optional 2976 SchedulerName string `json:"schedulerName,omitempty" protobuf:"bytes,19,opt,name=schedulerName"` 2977 // If specified, the pod's tolerations. 2978 // +optional 2979 Tolerations []Toleration `json:"tolerations,omitempty" protobuf:"bytes,22,opt,name=tolerations"` 2980 // HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts 2981 // file if specified. This is only valid for non-hostNetwork pods. 2982 // +optional 2983 // +patchMergeKey=ip 2984 // +patchStrategy=merge 2985 HostAliases []HostAlias `json:"hostAliases,omitempty" patchStrategy:"merge" patchMergeKey:"ip" protobuf:"bytes,23,rep,name=hostAliases"` 2986 // If specified, indicates the pod's priority. "system-node-critical" and 2987 // "system-cluster-critical" are two special keywords which indicate the 2988 // highest priorities with the former being the highest priority. Any other 2989 // name must be defined by creating a PriorityClass object with that name. 2990 // If not specified, the pod priority will be default or zero if there is no 2991 // default. 2992 // +optional 2993 PriorityClassName string `json:"priorityClassName,omitempty" protobuf:"bytes,24,opt,name=priorityClassName"` 2994 // The priority value. Various system components use this field to find the 2995 // priority of the pod. When Priority Admission Controller is enabled, it 2996 // prevents users from setting this field. The admission controller populates 2997 // this field from PriorityClassName. 2998 // The higher the value, the higher the priority. 2999 // +optional 3000 Priority *int32 `json:"priority,omitempty" protobuf:"bytes,25,opt,name=priority"` 3001 // Specifies the DNS parameters of a pod. 3002 // Parameters specified here will be merged to the generated DNS 3003 // configuration based on DNSPolicy. 3004 // +optional 3005 DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty" protobuf:"bytes,26,opt,name=dnsConfig"` 3006 // If specified, all readiness gates will be evaluated for pod readiness. 3007 // A pod is ready when all its containers are ready AND 3008 // all conditions specified in the readiness gates have status equal to "True" 3009 // More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md 3010 // +optional 3011 ReadinessGates []PodReadinessGate `json:"readinessGates,omitempty" protobuf:"bytes,28,opt,name=readinessGates"` 3012 // RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used 3013 // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. 3014 // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an 3015 // empty definition that uses the default runtime handler. 3016 // More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md 3017 // This is a beta feature as of Kubernetes v1.14. 3018 // +optional 3019 RuntimeClassName *string `json:"runtimeClassName,omitempty" protobuf:"bytes,29,opt,name=runtimeClassName"` 3020 // EnableServiceLinks indicates whether information about services should be injected into pod's 3021 // environment variables, matching the syntax of Docker links. 3022 // Optional: Defaults to true. 3023 // +optional 3024 EnableServiceLinks *bool `json:"enableServiceLinks,omitempty" protobuf:"varint,30,opt,name=enableServiceLinks"` 3025 // PreemptionPolicy is the Policy for preempting pods with lower priority. 3026 // One of Never, PreemptLowerPriority. 3027 // Defaults to PreemptLowerPriority if unset. 3028 // This field is alpha-level and is only honored by servers that enable the NonPreemptingPriority feature. 3029 // +optional 3030 PreemptionPolicy *PreemptionPolicy `json:"preemptionPolicy,omitempty" protobuf:"bytes,31,opt,name=preemptionPolicy"` 3031 // Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. 3032 // This field will be autopopulated at admission time by the RuntimeClass admission controller. If 3033 // the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. 3034 // The RuntimeClass admission controller will reject Pod create requests which have the overhead already 3035 // set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value 3036 // defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. 3037 // More info: https://git.k8s.io/enhancements/keps/sig-node/20190226-pod-overhead.md 3038 // This field is alpha-level as of Kubernetes v1.16, and is only honored by servers that enable the PodOverhead feature. 3039 // +optional 3040 Overhead ResourceList `json:"overhead,omitempty" protobuf:"bytes,32,opt,name=overhead"` 3041 // TopologySpreadConstraints describes how a group of pods ought to spread across topology 3042 // domains. Scheduler will schedule pods in a way which abides by the constraints. 3043 // This field is only honored by clusters that enable the EvenPodsSpread feature. 3044 // All topologySpreadConstraints are ANDed. 3045 // +optional 3046 // +patchMergeKey=topologyKey 3047 // +patchStrategy=merge 3048 // +listType=map 3049 // +listMapKey=topologyKey 3050 // +listMapKey=whenUnsatisfiable 3051 TopologySpreadConstraints []TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty" patchStrategy:"merge" patchMergeKey:"topologyKey" protobuf:"bytes,33,opt,name=topologySpreadConstraints"` 3052} 3053 3054type UnsatisfiableConstraintAction string 3055 3056const ( 3057 // DoNotSchedule instructs the scheduler not to schedule the pod 3058 // when constraints are not satisfied. 3059 DoNotSchedule UnsatisfiableConstraintAction = "DoNotSchedule" 3060 // ScheduleAnyway instructs the scheduler to schedule the pod 3061 // even if constraints are not satisfied. 3062 ScheduleAnyway UnsatisfiableConstraintAction = "ScheduleAnyway" 3063) 3064 3065// TopologySpreadConstraint specifies how to spread matching pods among the given topology. 3066type TopologySpreadConstraint struct { 3067 // MaxSkew describes the degree to which pods may be unevenly distributed. 3068 // It's the maximum permitted difference between the number of matching pods in 3069 // any two topology domains of a given topology type. 3070 // For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same 3071 // labelSelector spread as 1/1/0: 3072 // +-------+-------+-------+ 3073 // | zone1 | zone2 | zone3 | 3074 // +-------+-------+-------+ 3075 // | P | P | | 3076 // +-------+-------+-------+ 3077 // - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; 3078 // scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) 3079 // violate MaxSkew(1). 3080 // - if MaxSkew is 2, incoming pod can be scheduled onto any zone. 3081 // It's a required field. Default value is 1 and 0 is not allowed. 3082 MaxSkew int32 `json:"maxSkew" protobuf:"varint,1,opt,name=maxSkew"` 3083 // TopologyKey is the key of node labels. Nodes that have a label with this key 3084 // and identical values are considered to be in the same topology. 3085 // We consider each <key, value> as a "bucket", and try to put balanced number 3086 // of pods into each bucket. 3087 // It's a required field. 3088 TopologyKey string `json:"topologyKey" protobuf:"bytes,2,opt,name=topologyKey"` 3089 // WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy 3090 // the spread constraint. 3091 // - DoNotSchedule (default) tells the scheduler not to schedule it 3092 // - ScheduleAnyway tells the scheduler to still schedule it 3093 // It's considered as "Unsatisfiable" if and only if placing incoming pod on any 3094 // topology violates "MaxSkew". 3095 // For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same 3096 // labelSelector spread as 3/1/1: 3097 // +-------+-------+-------+ 3098 // | zone1 | zone2 | zone3 | 3099 // +-------+-------+-------+ 3100 // | P P P | P | P | 3101 // +-------+-------+-------+ 3102 // If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled 3103 // to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies 3104 // MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler 3105 // won't make it *more* imbalanced. 3106 // It's a required field. 3107 WhenUnsatisfiable UnsatisfiableConstraintAction `json:"whenUnsatisfiable" protobuf:"bytes,3,opt,name=whenUnsatisfiable,casttype=UnsatisfiableConstraintAction"` 3108 // LabelSelector is used to find matching pods. 3109 // Pods that match this label selector are counted to determine the number of pods 3110 // in their corresponding topology domain. 3111 // +optional 3112 LabelSelector *metav1.LabelSelector `json:"labelSelector,omitempty" protobuf:"bytes,4,opt,name=labelSelector"` 3113} 3114 3115const ( 3116 // The default value for enableServiceLinks attribute. 3117 DefaultEnableServiceLinks = true 3118) 3119 3120// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the 3121// pod's hosts file. 3122type HostAlias struct { 3123 // IP address of the host file entry. 3124 IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"` 3125 // Hostnames for the above IP address. 3126 Hostnames []string `json:"hostnames,omitempty" protobuf:"bytes,2,rep,name=hostnames"` 3127} 3128 3129// PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume 3130// when volume is mounted. 3131type PodFSGroupChangePolicy string 3132 3133const ( 3134 // FSGroupChangeOnRootMismatch indicates that volume's ownership and permissions will be changed 3135 // only when permission and ownership of root directory does not match with expected 3136 // permissions on the volume. This can help shorten the time it takes to change 3137 // ownership and permissions of a volume. 3138 FSGroupChangeOnRootMismatch PodFSGroupChangePolicy = "OnRootMismatch" 3139 // FSGroupChangeAlways indicates that volume's ownership and permissions 3140 // should always be changed whenever volume is mounted inside a Pod. This the default 3141 // behavior. 3142 FSGroupChangeAlways PodFSGroupChangePolicy = "Always" 3143) 3144 3145// PodSecurityContext holds pod-level security attributes and common container settings. 3146// Some fields are also present in container.securityContext. Field values of 3147// container.securityContext take precedence over field values of PodSecurityContext. 3148type PodSecurityContext struct { 3149 // The SELinux context to be applied to all containers. 3150 // If unspecified, the container runtime will allocate a random SELinux context for each 3151 // container. May also be set in SecurityContext. If set in 3152 // both SecurityContext and PodSecurityContext, the value specified in SecurityContext 3153 // takes precedence for that container. 3154 // +optional 3155 SELinuxOptions *SELinuxOptions `json:"seLinuxOptions,omitempty" protobuf:"bytes,1,opt,name=seLinuxOptions"` 3156 // The Windows specific settings applied to all containers. 3157 // If unspecified, the options within a container's SecurityContext will be used. 3158 // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 3159 // +optional 3160 WindowsOptions *WindowsSecurityContextOptions `json:"windowsOptions,omitempty" protobuf:"bytes,8,opt,name=windowsOptions"` 3161 // The UID to run the entrypoint of the container process. 3162 // Defaults to user specified in image metadata if unspecified. 3163 // May also be set in SecurityContext. If set in both SecurityContext and 3164 // PodSecurityContext, the value specified in SecurityContext takes precedence 3165 // for that container. 3166 // +optional 3167 RunAsUser *int64 `json:"runAsUser,omitempty" protobuf:"varint,2,opt,name=runAsUser"` 3168 // The GID to run the entrypoint of the container process. 3169 // Uses runtime default if unset. 3170 // May also be set in SecurityContext. If set in both SecurityContext and 3171 // PodSecurityContext, the value specified in SecurityContext takes precedence 3172 // for that container. 3173 // +optional 3174 RunAsGroup *int64 `json:"runAsGroup,omitempty" protobuf:"varint,6,opt,name=runAsGroup"` 3175 // Indicates that the container must run as a non-root user. 3176 // If true, the Kubelet will validate the image at runtime to ensure that it 3177 // does not run as UID 0 (root) and fail to start the container if it does. 3178 // If unset or false, no such validation will be performed. 3179 // May also be set in SecurityContext. If set in both SecurityContext and 3180 // PodSecurityContext, the value specified in SecurityContext takes precedence. 3181 // +optional 3182 RunAsNonRoot *bool `json:"runAsNonRoot,omitempty" protobuf:"varint,3,opt,name=runAsNonRoot"` 3183 // A list of groups applied to the first process run in each container, in addition 3184 // to the container's primary GID. If unspecified, no groups will be added to 3185 // any container. 3186 // +optional 3187 SupplementalGroups []int64 `json:"supplementalGroups,omitempty" protobuf:"varint,4,rep,name=supplementalGroups"` 3188 // A special supplemental group that applies to all containers in a pod. 3189 // Some volume types allow the Kubelet to change the ownership of that volume 3190 // to be owned by the pod: 3191 // 3192 // 1. The owning GID will be the FSGroup 3193 // 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3194 // 3. The permission bits are OR'd with rw-rw---- 3195 // 3196 // If unset, the Kubelet will not modify the ownership and permissions of any volume. 3197 // +optional 3198 FSGroup *int64 `json:"fsGroup,omitempty" protobuf:"varint,5,opt,name=fsGroup"` 3199 // Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported 3200 // sysctls (by the container runtime) might fail to launch. 3201 // +optional 3202 Sysctls []Sysctl `json:"sysctls,omitempty" protobuf:"bytes,7,rep,name=sysctls"` 3203 // fsGroupChangePolicy defines behavior of changing ownership and permission of the volume 3204 // before being exposed inside Pod. This field will only apply to 3205 // volume types which support fsGroup based ownership(and permissions). 3206 // It will have no effect on ephemeral volume types such as: secret, configmaps 3207 // and emptydir. 3208 // Valid values are "OnRootMismatch" and "Always". If not specified defaults to "Always". 3209 // +optional 3210 FSGroupChangePolicy *PodFSGroupChangePolicy `json:"fsGroupChangePolicy,omitempty" protobuf:"bytes,9,opt,name=fsGroupChangePolicy"` 3211} 3212 3213// PodQOSClass defines the supported qos classes of Pods. 3214type PodQOSClass string 3215 3216const ( 3217 // PodQOSGuaranteed is the Guaranteed qos class. 3218 PodQOSGuaranteed PodQOSClass = "Guaranteed" 3219 // PodQOSBurstable is the Burstable qos class. 3220 PodQOSBurstable PodQOSClass = "Burstable" 3221 // PodQOSBestEffort is the BestEffort qos class. 3222 PodQOSBestEffort PodQOSClass = "BestEffort" 3223) 3224 3225// PodDNSConfig defines the DNS parameters of a pod in addition to 3226// those generated from DNSPolicy. 3227type PodDNSConfig struct { 3228 // A list of DNS name server IP addresses. 3229 // This will be appended to the base nameservers generated from DNSPolicy. 3230 // Duplicated nameservers will be removed. 3231 // +optional 3232 Nameservers []string `json:"nameservers,omitempty" protobuf:"bytes,1,rep,name=nameservers"` 3233 // A list of DNS search domains for host-name lookup. 3234 // This will be appended to the base search paths generated from DNSPolicy. 3235 // Duplicated search paths will be removed. 3236 // +optional 3237 Searches []string `json:"searches,omitempty" protobuf:"bytes,2,rep,name=searches"` 3238 // A list of DNS resolver options. 3239 // This will be merged with the base options generated from DNSPolicy. 3240 // Duplicated entries will be removed. Resolution options given in Options 3241 // will override those that appear in the base DNSPolicy. 3242 // +optional 3243 Options []PodDNSConfigOption `json:"options,omitempty" protobuf:"bytes,3,rep,name=options"` 3244} 3245 3246// PodDNSConfigOption defines DNS resolver options of a pod. 3247type PodDNSConfigOption struct { 3248 // Required. 3249 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 3250 // +optional 3251 Value *string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"` 3252} 3253 3254// IP address information for entries in the (plural) PodIPs field. 3255// Each entry includes: 3256// IP: An IP address allocated to the pod. Routable at least within the cluster. 3257type PodIP struct { 3258 // ip is an IP address (IPv4 or IPv6) assigned to the pod 3259 IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"` 3260} 3261 3262// EphemeralContainerCommon is a copy of all fields in Container to be inlined in 3263// EphemeralContainer. This separate type allows easy conversion from EphemeralContainer 3264// to Container and allows separate documentation for the fields of EphemeralContainer. 3265// When a new field is added to Container it must be added here as well. 3266type EphemeralContainerCommon struct { 3267 // Name of the ephemeral container specified as a DNS_LABEL. 3268 // This name must be unique among all containers, init containers and ephemeral containers. 3269 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 3270 // Docker image name. 3271 // More info: https://kubernetes.io/docs/concepts/containers/images 3272 Image string `json:"image,omitempty" protobuf:"bytes,2,opt,name=image"` 3273 // Entrypoint array. Not executed within a shell. 3274 // The docker image's ENTRYPOINT is used if this is not provided. 3275 // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable 3276 // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax 3277 // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, 3278 // regardless of whether the variable exists or not. 3279 // Cannot be updated. 3280 // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 3281 // +optional 3282 Command []string `json:"command,omitempty" protobuf:"bytes,3,rep,name=command"` 3283 // Arguments to the entrypoint. 3284 // The docker image's CMD is used if this is not provided. 3285 // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable 3286 // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax 3287 // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, 3288 // regardless of whether the variable exists or not. 3289 // Cannot be updated. 3290 // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 3291 // +optional 3292 Args []string `json:"args,omitempty" protobuf:"bytes,4,rep,name=args"` 3293 // Container's working directory. 3294 // If not specified, the container runtime's default will be used, which 3295 // might be configured in the container image. 3296 // Cannot be updated. 3297 // +optional 3298 WorkingDir string `json:"workingDir,omitempty" protobuf:"bytes,5,opt,name=workingDir"` 3299 // Ports are not allowed for ephemeral containers. 3300 Ports []ContainerPort `json:"ports,omitempty" protobuf:"bytes,6,rep,name=ports"` 3301 // List of sources to populate environment variables in the container. 3302 // The keys defined within a source must be a C_IDENTIFIER. All invalid keys 3303 // will be reported as an event when the container is starting. When a key exists in multiple 3304 // sources, the value associated with the last source will take precedence. 3305 // Values defined by an Env with a duplicate key will take precedence. 3306 // Cannot be updated. 3307 // +optional 3308 EnvFrom []EnvFromSource `json:"envFrom,omitempty" protobuf:"bytes,19,rep,name=envFrom"` 3309 // List of environment variables to set in the container. 3310 // Cannot be updated. 3311 // +optional 3312 // +patchMergeKey=name 3313 // +patchStrategy=merge 3314 Env []EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"` 3315 // Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources 3316 // already allocated to the pod. 3317 // +optional 3318 Resources ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,8,opt,name=resources"` 3319 // Pod volumes to mount into the container's filesystem. 3320 // Cannot be updated. 3321 // +optional 3322 // +patchMergeKey=mountPath 3323 // +patchStrategy=merge 3324 VolumeMounts []VolumeMount `json:"volumeMounts,omitempty" patchStrategy:"merge" patchMergeKey:"mountPath" protobuf:"bytes,9,rep,name=volumeMounts"` 3325 // volumeDevices is the list of block devices to be used by the container. 3326 // +patchMergeKey=devicePath 3327 // +patchStrategy=merge 3328 // +optional 3329 VolumeDevices []VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"` 3330 // Probes are not allowed for ephemeral containers. 3331 // +optional 3332 LivenessProbe *Probe `json:"livenessProbe,omitempty" protobuf:"bytes,10,opt,name=livenessProbe"` 3333 // Probes are not allowed for ephemeral containers. 3334 // +optional 3335 ReadinessProbe *Probe `json:"readinessProbe,omitempty" protobuf:"bytes,11,opt,name=readinessProbe"` 3336 // Probes are not allowed for ephemeral containers. 3337 // +optional 3338 StartupProbe *Probe `json:"startupProbe,omitempty" protobuf:"bytes,22,opt,name=startupProbe"` 3339 // Lifecycle is not allowed for ephemeral containers. 3340 // +optional 3341 Lifecycle *Lifecycle `json:"lifecycle,omitempty" protobuf:"bytes,12,opt,name=lifecycle"` 3342 // Optional: Path at which the file to which the container's termination message 3343 // will be written is mounted into the container's filesystem. 3344 // Message written is intended to be brief final status, such as an assertion failure message. 3345 // Will be truncated by the node if greater than 4096 bytes. The total message length across 3346 // all containers will be limited to 12kb. 3347 // Defaults to /dev/termination-log. 3348 // Cannot be updated. 3349 // +optional 3350 TerminationMessagePath string `json:"terminationMessagePath,omitempty" protobuf:"bytes,13,opt,name=terminationMessagePath"` 3351 // Indicate how the termination message should be populated. File will use the contents of 3352 // terminationMessagePath to populate the container status message on both success and failure. 3353 // FallbackToLogsOnError will use the last chunk of container log output if the termination 3354 // message file is empty and the container exited with an error. 3355 // The log output is limited to 2048 bytes or 80 lines, whichever is smaller. 3356 // Defaults to File. 3357 // Cannot be updated. 3358 // +optional 3359 TerminationMessagePolicy TerminationMessagePolicy `json:"terminationMessagePolicy,omitempty" protobuf:"bytes,20,opt,name=terminationMessagePolicy,casttype=TerminationMessagePolicy"` 3360 // Image pull policy. 3361 // One of Always, Never, IfNotPresent. 3362 // Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. 3363 // Cannot be updated. 3364 // More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 3365 // +optional 3366 ImagePullPolicy PullPolicy `json:"imagePullPolicy,omitempty" protobuf:"bytes,14,opt,name=imagePullPolicy,casttype=PullPolicy"` 3367 // SecurityContext is not allowed for ephemeral containers. 3368 // +optional 3369 SecurityContext *SecurityContext `json:"securityContext,omitempty" protobuf:"bytes,15,opt,name=securityContext"` 3370 3371 // Variables for interactive containers, these have very specialized use-cases (e.g. debugging) 3372 // and shouldn't be used for general purpose containers. 3373 3374 // Whether this container should allocate a buffer for stdin in the container runtime. If this 3375 // is not set, reads from stdin in the container will always result in EOF. 3376 // Default is false. 3377 // +optional 3378 Stdin bool `json:"stdin,omitempty" protobuf:"varint,16,opt,name=stdin"` 3379 // Whether the container runtime should close the stdin channel after it has been opened by 3380 // a single attach. When stdin is true the stdin stream will remain open across multiple attach 3381 // sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the 3382 // first client attaches to stdin, and then remains open and accepts data until the client disconnects, 3383 // at which time stdin is closed and remains closed until the container is restarted. If this 3384 // flag is false, a container processes that reads from stdin will never receive an EOF. 3385 // Default is false 3386 // +optional 3387 StdinOnce bool `json:"stdinOnce,omitempty" protobuf:"varint,17,opt,name=stdinOnce"` 3388 // Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. 3389 // Default is false. 3390 // +optional 3391 TTY bool `json:"tty,omitempty" protobuf:"varint,18,opt,name=tty"` 3392} 3393 3394// EphemeralContainerCommon converts to Container. All fields must be kept in sync between 3395// these two types. 3396var _ = Container(EphemeralContainerCommon{}) 3397 3398// An EphemeralContainer is a container that may be added temporarily to an existing pod for 3399// user-initiated activities such as debugging. Ephemeral containers have no resource or 3400// scheduling guarantees, and they will not be restarted when they exit or when a pod is 3401// removed or restarted. If an ephemeral container causes a pod to exceed its resource 3402// allocation, the pod may be evicted. 3403// Ephemeral containers may not be added by directly updating the pod spec. They must be added 3404// via the pod's ephemeralcontainers subresource, and they will appear in the pod spec 3405// once added. 3406// This is an alpha feature enabled by the EphemeralContainers feature flag. 3407type EphemeralContainer struct { 3408 // Ephemeral containers have all of the fields of Container, plus additional fields 3409 // specific to ephemeral containers. Fields in common with Container are in the 3410 // following inlined struct so than an EphemeralContainer may easily be converted 3411 // to a Container. 3412 EphemeralContainerCommon `json:",inline" protobuf:"bytes,1,req"` 3413 3414 // If set, the name of the container from PodSpec that this ephemeral container targets. 3415 // The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. 3416 // If not set then the ephemeral container is run in whatever namespaces are shared 3417 // for the pod. Note that the container runtime must support this feature. 3418 // +optional 3419 TargetContainerName string `json:"targetContainerName,omitempty" protobuf:"bytes,2,opt,name=targetContainerName"` 3420} 3421 3422// PodStatus represents information about the status of a pod. Status may trail the actual 3423// state of a system, especially if the node that hosts the pod cannot contact the control 3424// plane. 3425type PodStatus struct { 3426 // The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. 3427 // The conditions array, the reason and message fields, and the individual container status 3428 // arrays contain more detail about the pod's status. 3429 // There are five possible phase values: 3430 // 3431 // Pending: The pod has been accepted by the Kubernetes system, but one or more of the 3432 // container images has not been created. This includes time before being scheduled as 3433 // well as time spent downloading images over the network, which could take a while. 3434 // Running: The pod has been bound to a node, and all of the containers have been created. 3435 // At least one container is still running, or is in the process of starting or restarting. 3436 // Succeeded: All containers in the pod have terminated in success, and will not be restarted. 3437 // Failed: All containers in the pod have terminated, and at least one container has 3438 // terminated in failure. The container either exited with non-zero status or was terminated 3439 // by the system. 3440 // Unknown: For some reason the state of the pod could not be obtained, typically due to an 3441 // error in communicating with the host of the pod. 3442 // 3443 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase 3444 // +optional 3445 Phase PodPhase `json:"phase,omitempty" protobuf:"bytes,1,opt,name=phase,casttype=PodPhase"` 3446 // Current service state of pod. 3447 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions 3448 // +optional 3449 // +patchMergeKey=type 3450 // +patchStrategy=merge 3451 Conditions []PodCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"` 3452 // A human readable message indicating details about why the pod is in this condition. 3453 // +optional 3454 Message string `json:"message,omitempty" protobuf:"bytes,3,opt,name=message"` 3455 // A brief CamelCase message indicating details about why the pod is in this state. 3456 // e.g. 'Evicted' 3457 // +optional 3458 Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"` 3459 // nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be 3460 // scheduled right away as preemption victims receive their graceful termination periods. 3461 // This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide 3462 // to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to 3463 // give the resources on this node to a higher priority pod that is created after preemption. 3464 // As a result, this field may be different than PodSpec.nodeName when the pod is 3465 // scheduled. 3466 // +optional 3467 NominatedNodeName string `json:"nominatedNodeName,omitempty" protobuf:"bytes,11,opt,name=nominatedNodeName"` 3468 3469 // IP address of the host to which the pod is assigned. Empty if not yet scheduled. 3470 // +optional 3471 HostIP string `json:"hostIP,omitempty" protobuf:"bytes,5,opt,name=hostIP"` 3472 // IP address allocated to the pod. Routable at least within the cluster. 3473 // Empty if not yet allocated. 3474 // +optional 3475 PodIP string `json:"podIP,omitempty" protobuf:"bytes,6,opt,name=podIP"` 3476 3477 // podIPs holds the IP addresses allocated to the pod. If this field is specified, the 0th entry must 3478 // match the podIP field. Pods may be allocated at most 1 value for each of IPv4 and IPv6. This list 3479 // is empty if no IPs have been allocated yet. 3480 // +optional 3481 // +patchStrategy=merge 3482 // +patchMergeKey=ip 3483 PodIPs []PodIP `json:"podIPs,omitempty" protobuf:"bytes,12,rep,name=podIPs" patchStrategy:"merge" patchMergeKey:"ip"` 3484 3485 // RFC 3339 date and time at which the object was acknowledged by the Kubelet. 3486 // This is before the Kubelet pulled the container image(s) for the pod. 3487 // +optional 3488 StartTime *metav1.Time `json:"startTime,omitempty" protobuf:"bytes,7,opt,name=startTime"` 3489 3490 // The list has one entry per init container in the manifest. The most recent successful 3491 // init container will have ready = true, the most recently started container will have 3492 // startTime set. 3493 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status 3494 InitContainerStatuses []ContainerStatus `json:"initContainerStatuses,omitempty" protobuf:"bytes,10,rep,name=initContainerStatuses"` 3495 3496 // The list has one entry per container in the manifest. Each entry is currently the output 3497 // of `docker inspect`. 3498 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status 3499 // +optional 3500 ContainerStatuses []ContainerStatus `json:"containerStatuses,omitempty" protobuf:"bytes,8,rep,name=containerStatuses"` 3501 // The Quality of Service (QOS) classification assigned to the pod based on resource requirements 3502 // See PodQOSClass type for available QOS classes 3503 // More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md 3504 // +optional 3505 QOSClass PodQOSClass `json:"qosClass,omitempty" protobuf:"bytes,9,rep,name=qosClass"` 3506 // Status for any ephemeral containers that have run in this pod. 3507 // This field is alpha-level and is only populated by servers that enable the EphemeralContainers feature. 3508 // +optional 3509 EphemeralContainerStatuses []ContainerStatus `json:"ephemeralContainerStatuses,omitempty" protobuf:"bytes,13,rep,name=ephemeralContainerStatuses"` 3510} 3511 3512// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3513 3514// PodStatusResult is a wrapper for PodStatus returned by kubelet that can be encode/decoded 3515type PodStatusResult struct { 3516 metav1.TypeMeta `json:",inline"` 3517 // Standard object's metadata. 3518 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3519 // +optional 3520 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3521 // Most recently observed status of the pod. 3522 // This data may not be up to date. 3523 // Populated by the system. 3524 // Read-only. 3525 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3526 // +optional 3527 Status PodStatus `json:"status,omitempty" protobuf:"bytes,2,opt,name=status"` 3528} 3529 3530// +genclient 3531// +genclient:method=GetEphemeralContainers,verb=get,subresource=ephemeralcontainers,result=EphemeralContainers 3532// +genclient:method=UpdateEphemeralContainers,verb=update,subresource=ephemeralcontainers,input=EphemeralContainers,result=EphemeralContainers 3533// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3534 3535// Pod is a collection of containers that can run on a host. This resource is created 3536// by clients and scheduled onto hosts. 3537type Pod struct { 3538 metav1.TypeMeta `json:",inline"` 3539 // Standard object's metadata. 3540 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3541 // +optional 3542 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3543 3544 // Specification of the desired behavior of the pod. 3545 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3546 // +optional 3547 Spec PodSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 3548 3549 // Most recently observed status of the pod. 3550 // This data may not be up to date. 3551 // Populated by the system. 3552 // Read-only. 3553 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3554 // +optional 3555 Status PodStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 3556} 3557 3558// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3559 3560// PodList is a list of Pods. 3561type PodList struct { 3562 metav1.TypeMeta `json:",inline"` 3563 // Standard list metadata. 3564 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3565 // +optional 3566 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3567 3568 // List of pods. 3569 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md 3570 Items []Pod `json:"items" protobuf:"bytes,2,rep,name=items"` 3571} 3572 3573// PodTemplateSpec describes the data a pod should have when created from a template 3574type PodTemplateSpec struct { 3575 // Standard object's metadata. 3576 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3577 // +optional 3578 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3579 3580 // Specification of the desired behavior of the pod. 3581 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3582 // +optional 3583 Spec PodSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 3584} 3585 3586// +genclient 3587// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3588 3589// PodTemplate describes a template for creating copies of a predefined pod. 3590type PodTemplate struct { 3591 metav1.TypeMeta `json:",inline"` 3592 // Standard object's metadata. 3593 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3594 // +optional 3595 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3596 3597 // Template defines the pods that will be created from this pod template. 3598 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3599 // +optional 3600 Template PodTemplateSpec `json:"template,omitempty" protobuf:"bytes,2,opt,name=template"` 3601} 3602 3603// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3604 3605// PodTemplateList is a list of PodTemplates. 3606type PodTemplateList struct { 3607 metav1.TypeMeta `json:",inline"` 3608 // Standard list metadata. 3609 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3610 // +optional 3611 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3612 3613 // List of pod templates 3614 Items []PodTemplate `json:"items" protobuf:"bytes,2,rep,name=items"` 3615} 3616 3617// ReplicationControllerSpec is the specification of a replication controller. 3618type ReplicationControllerSpec struct { 3619 // Replicas is the number of desired replicas. 3620 // This is a pointer to distinguish between explicit zero and unspecified. 3621 // Defaults to 1. 3622 // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller 3623 // +optional 3624 Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"` 3625 3626 // Minimum number of seconds for which a newly created pod should be ready 3627 // without any of its container crashing, for it to be considered available. 3628 // Defaults to 0 (pod will be considered available as soon as it is ready) 3629 // +optional 3630 MinReadySeconds int32 `json:"minReadySeconds,omitempty" protobuf:"varint,4,opt,name=minReadySeconds"` 3631 3632 // Selector is a label query over pods that should match the Replicas count. 3633 // If Selector is empty, it is defaulted to the labels present on the Pod template. 3634 // Label keys and values that must match in order to be controlled by this replication 3635 // controller, if empty defaulted to labels on Pod template. 3636 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors 3637 // +optional 3638 Selector map[string]string `json:"selector,omitempty" protobuf:"bytes,2,rep,name=selector"` 3639 3640 // TemplateRef is a reference to an object that describes the pod that will be created if 3641 // insufficient replicas are detected. 3642 // Reference to an object that describes the pod that will be created if insufficient replicas are detected. 3643 // +optional 3644 // TemplateRef *ObjectReference `json:"templateRef,omitempty"` 3645 3646 // Template is the object that describes the pod that will be created if 3647 // insufficient replicas are detected. This takes precedence over a TemplateRef. 3648 // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template 3649 // +optional 3650 Template *PodTemplateSpec `json:"template,omitempty" protobuf:"bytes,3,opt,name=template"` 3651} 3652 3653// ReplicationControllerStatus represents the current status of a replication 3654// controller. 3655type ReplicationControllerStatus struct { 3656 // Replicas is the most recently oberved number of replicas. 3657 // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller 3658 Replicas int32 `json:"replicas" protobuf:"varint,1,opt,name=replicas"` 3659 3660 // The number of pods that have labels matching the labels of the pod template of the replication controller. 3661 // +optional 3662 FullyLabeledReplicas int32 `json:"fullyLabeledReplicas,omitempty" protobuf:"varint,2,opt,name=fullyLabeledReplicas"` 3663 3664 // The number of ready replicas for this replication controller. 3665 // +optional 3666 ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,4,opt,name=readyReplicas"` 3667 3668 // The number of available replicas (ready for at least minReadySeconds) for this replication controller. 3669 // +optional 3670 AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,5,opt,name=availableReplicas"` 3671 3672 // ObservedGeneration reflects the generation of the most recently observed replication controller. 3673 // +optional 3674 ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,3,opt,name=observedGeneration"` 3675 3676 // Represents the latest available observations of a replication controller's current state. 3677 // +optional 3678 // +patchMergeKey=type 3679 // +patchStrategy=merge 3680 Conditions []ReplicationControllerCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"` 3681} 3682 3683type ReplicationControllerConditionType string 3684 3685// These are valid conditions of a replication controller. 3686const ( 3687 // ReplicationControllerReplicaFailure is added in a replication controller when one of its pods 3688 // fails to be created due to insufficient quota, limit ranges, pod security policy, node selectors, 3689 // etc. or deleted due to kubelet being down or finalizers are failing. 3690 ReplicationControllerReplicaFailure ReplicationControllerConditionType = "ReplicaFailure" 3691) 3692 3693// ReplicationControllerCondition describes the state of a replication controller at a certain point. 3694type ReplicationControllerCondition struct { 3695 // Type of replication controller condition. 3696 Type ReplicationControllerConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=ReplicationControllerConditionType"` 3697 // Status of the condition, one of True, False, Unknown. 3698 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 3699 // The last time the condition transitioned from one status to another. 3700 // +optional 3701 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"` 3702 // The reason for the condition's last transition. 3703 // +optional 3704 Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"` 3705 // A human readable message indicating details about the transition. 3706 // +optional 3707 Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"` 3708} 3709 3710// +genclient 3711// +genclient:method=GetScale,verb=get,subresource=scale,result=k8s.io/api/autoscaling/v1.Scale 3712// +genclient:method=UpdateScale,verb=update,subresource=scale,input=k8s.io/api/autoscaling/v1.Scale,result=k8s.io/api/autoscaling/v1.Scale 3713// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3714 3715// ReplicationController represents the configuration of a replication controller. 3716type ReplicationController struct { 3717 metav1.TypeMeta `json:",inline"` 3718 3719 // If the Labels of a ReplicationController are empty, they are defaulted to 3720 // be the same as the Pod(s) that the replication controller manages. 3721 // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3722 // +optional 3723 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3724 3725 // Spec defines the specification of the desired behavior of the replication controller. 3726 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3727 // +optional 3728 Spec ReplicationControllerSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 3729 3730 // Status is the most recently observed status of the replication controller. 3731 // This data may be out of date by some window of time. 3732 // Populated by the system. 3733 // Read-only. 3734 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3735 // +optional 3736 Status ReplicationControllerStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 3737} 3738 3739// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3740 3741// ReplicationControllerList is a collection of replication controllers. 3742type ReplicationControllerList struct { 3743 metav1.TypeMeta `json:",inline"` 3744 // Standard list metadata. 3745 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3746 // +optional 3747 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3748 3749 // List of replication controllers. 3750 // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller 3751 Items []ReplicationController `json:"items" protobuf:"bytes,2,rep,name=items"` 3752} 3753 3754// Session Affinity Type string 3755type ServiceAffinity string 3756 3757const ( 3758 // ServiceAffinityClientIP is the Client IP based. 3759 ServiceAffinityClientIP ServiceAffinity = "ClientIP" 3760 3761 // ServiceAffinityNone - no session affinity. 3762 ServiceAffinityNone ServiceAffinity = "None" 3763) 3764 3765const DefaultClientIPServiceAffinitySeconds int32 = 10800 3766 3767// SessionAffinityConfig represents the configurations of session affinity. 3768type SessionAffinityConfig struct { 3769 // clientIP contains the configurations of Client IP based session affinity. 3770 // +optional 3771 ClientIP *ClientIPConfig `json:"clientIP,omitempty" protobuf:"bytes,1,opt,name=clientIP"` 3772} 3773 3774// ClientIPConfig represents the configurations of Client IP based session affinity. 3775type ClientIPConfig struct { 3776 // timeoutSeconds specifies the seconds of ClientIP type session sticky time. 3777 // The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". 3778 // Default value is 10800(for 3 hours). 3779 // +optional 3780 TimeoutSeconds *int32 `json:"timeoutSeconds,omitempty" protobuf:"varint,1,opt,name=timeoutSeconds"` 3781} 3782 3783// Service Type string describes ingress methods for a service 3784type ServiceType string 3785 3786const ( 3787 // ServiceTypeClusterIP means a service will only be accessible inside the 3788 // cluster, via the cluster IP. 3789 ServiceTypeClusterIP ServiceType = "ClusterIP" 3790 3791 // ServiceTypeNodePort means a service will be exposed on one port of 3792 // every node, in addition to 'ClusterIP' type. 3793 ServiceTypeNodePort ServiceType = "NodePort" 3794 3795 // ServiceTypeLoadBalancer means a service will be exposed via an 3796 // external load balancer (if the cloud provider supports it), in addition 3797 // to 'NodePort' type. 3798 ServiceTypeLoadBalancer ServiceType = "LoadBalancer" 3799 3800 // ServiceTypeExternalName means a service consists of only a reference to 3801 // an external name that kubedns or equivalent will return as a CNAME 3802 // record, with no exposing or proxying of any pods involved. 3803 ServiceTypeExternalName ServiceType = "ExternalName" 3804) 3805 3806// Service External Traffic Policy Type string 3807type ServiceExternalTrafficPolicyType string 3808 3809const ( 3810 // ServiceExternalTrafficPolicyTypeLocal specifies node-local endpoints behavior. 3811 ServiceExternalTrafficPolicyTypeLocal ServiceExternalTrafficPolicyType = "Local" 3812 // ServiceExternalTrafficPolicyTypeCluster specifies node-global (legacy) behavior. 3813 ServiceExternalTrafficPolicyTypeCluster ServiceExternalTrafficPolicyType = "Cluster" 3814) 3815 3816// ServiceStatus represents the current status of a service. 3817type ServiceStatus struct { 3818 // LoadBalancer contains the current status of the load-balancer, 3819 // if one is present. 3820 // +optional 3821 LoadBalancer LoadBalancerStatus `json:"loadBalancer,omitempty" protobuf:"bytes,1,opt,name=loadBalancer"` 3822} 3823 3824// LoadBalancerStatus represents the status of a load-balancer. 3825type LoadBalancerStatus struct { 3826 // Ingress is a list containing ingress points for the load-balancer. 3827 // Traffic intended for the service should be sent to these ingress points. 3828 // +optional 3829 Ingress []LoadBalancerIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"` 3830} 3831 3832// LoadBalancerIngress represents the status of a load-balancer ingress point: 3833// traffic intended for the service should be sent to an ingress point. 3834type LoadBalancerIngress struct { 3835 // IP is set for load-balancer ingress points that are IP based 3836 // (typically GCE or OpenStack load-balancers) 3837 // +optional 3838 IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"` 3839 3840 // Hostname is set for load-balancer ingress points that are DNS based 3841 // (typically AWS load-balancers) 3842 // +optional 3843 Hostname string `json:"hostname,omitempty" protobuf:"bytes,2,opt,name=hostname"` 3844} 3845 3846// IPFamily represents the IP Family (IPv4 or IPv6). This type is used 3847// to express the family of an IP expressed by a type (i.e. service.Spec.IPFamily) 3848type IPFamily string 3849 3850const ( 3851 // IPv4Protocol indicates that this IP is IPv4 protocol 3852 IPv4Protocol IPFamily = "IPv4" 3853 // IPv6Protocol indicates that this IP is IPv6 protocol 3854 IPv6Protocol IPFamily = "IPv6" 3855 // MaxServiceTopologyKeys is the largest number of topology keys allowed on a service 3856 MaxServiceTopologyKeys = 16 3857) 3858 3859// ServiceSpec describes the attributes that a user creates on a service. 3860type ServiceSpec struct { 3861 // The list of ports that are exposed by this service. 3862 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies 3863 // +patchMergeKey=port 3864 // +patchStrategy=merge 3865 // +listType=map 3866 // +listMapKey=port 3867 // +listMapKey=protocol 3868 Ports []ServicePort `json:"ports,omitempty" patchStrategy:"merge" patchMergeKey:"port" protobuf:"bytes,1,rep,name=ports"` 3869 3870 // Route service traffic to pods with label keys and values matching this 3871 // selector. If empty or not present, the service is assumed to have an 3872 // external process managing its endpoints, which Kubernetes will not 3873 // modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. 3874 // Ignored if type is ExternalName. 3875 // More info: https://kubernetes.io/docs/concepts/services-networking/service/ 3876 // +optional 3877 Selector map[string]string `json:"selector,omitempty" protobuf:"bytes,2,rep,name=selector"` 3878 3879 // clusterIP is the IP address of the service and is usually assigned 3880 // randomly by the master. If an address is specified manually and is not in 3881 // use by others, it will be allocated to the service; otherwise, creation 3882 // of the service will fail. This field can not be changed through updates. 3883 // Valid values are "None", empty string (""), or a valid IP address. "None" 3884 // can be specified for headless services when proxying is not required. 3885 // Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if 3886 // type is ExternalName. 3887 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies 3888 // +optional 3889 ClusterIP string `json:"clusterIP,omitempty" protobuf:"bytes,3,opt,name=clusterIP"` 3890 3891 // type determines how the Service is exposed. Defaults to ClusterIP. Valid 3892 // options are ExternalName, ClusterIP, NodePort, and LoadBalancer. 3893 // "ExternalName" maps to the specified externalName. 3894 // "ClusterIP" allocates a cluster-internal IP address for load-balancing to 3895 // endpoints. Endpoints are determined by the selector or if that is not 3896 // specified, by manual construction of an Endpoints object. If clusterIP is 3897 // "None", no virtual IP is allocated and the endpoints are published as a 3898 // set of endpoints rather than a stable IP. 3899 // "NodePort" builds on ClusterIP and allocates a port on every node which 3900 // routes to the clusterIP. 3901 // "LoadBalancer" builds on NodePort and creates an 3902 // external load-balancer (if supported in the current cloud) which routes 3903 // to the clusterIP. 3904 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types 3905 // +optional 3906 Type ServiceType `json:"type,omitempty" protobuf:"bytes,4,opt,name=type,casttype=ServiceType"` 3907 3908 // externalIPs is a list of IP addresses for which nodes in the cluster 3909 // will also accept traffic for this service. These IPs are not managed by 3910 // Kubernetes. The user is responsible for ensuring that traffic arrives 3911 // at a node with this IP. A common example is external load-balancers 3912 // that are not part of the Kubernetes system. 3913 // +optional 3914 ExternalIPs []string `json:"externalIPs,omitempty" protobuf:"bytes,5,rep,name=externalIPs"` 3915 3916 // Supports "ClientIP" and "None". Used to maintain session affinity. 3917 // Enable client IP based session affinity. 3918 // Must be ClientIP or None. 3919 // Defaults to None. 3920 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies 3921 // +optional 3922 SessionAffinity ServiceAffinity `json:"sessionAffinity,omitempty" protobuf:"bytes,7,opt,name=sessionAffinity,casttype=ServiceAffinity"` 3923 3924 // Only applies to Service Type: LoadBalancer 3925 // LoadBalancer will get created with the IP specified in this field. 3926 // This feature depends on whether the underlying cloud-provider supports specifying 3927 // the loadBalancerIP when a load balancer is created. 3928 // This field will be ignored if the cloud-provider does not support the feature. 3929 // +optional 3930 LoadBalancerIP string `json:"loadBalancerIP,omitempty" protobuf:"bytes,8,opt,name=loadBalancerIP"` 3931 3932 // If specified and supported by the platform, this will restrict traffic through the cloud-provider 3933 // load-balancer will be restricted to the specified client IPs. This field will be ignored if the 3934 // cloud-provider does not support the feature." 3935 // More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/ 3936 // +optional 3937 LoadBalancerSourceRanges []string `json:"loadBalancerSourceRanges,omitempty" protobuf:"bytes,9,opt,name=loadBalancerSourceRanges"` 3938 3939 // externalName is the external reference that kubedns or equivalent will 3940 // return as a CNAME record for this service. No proxying will be involved. 3941 // Must be a valid RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) 3942 // and requires Type to be ExternalName. 3943 // +optional 3944 ExternalName string `json:"externalName,omitempty" protobuf:"bytes,10,opt,name=externalName"` 3945 3946 // externalTrafficPolicy denotes if this Service desires to route external 3947 // traffic to node-local or cluster-wide endpoints. "Local" preserves the 3948 // client source IP and avoids a second hop for LoadBalancer and Nodeport 3949 // type services, but risks potentially imbalanced traffic spreading. 3950 // "Cluster" obscures the client source IP and may cause a second hop to 3951 // another node, but should have good overall load-spreading. 3952 // +optional 3953 ExternalTrafficPolicy ServiceExternalTrafficPolicyType `json:"externalTrafficPolicy,omitempty" protobuf:"bytes,11,opt,name=externalTrafficPolicy"` 3954 3955 // healthCheckNodePort specifies the healthcheck nodePort for the service. 3956 // If not specified, HealthCheckNodePort is created by the service api 3957 // backend with the allocated nodePort. Will use user-specified nodePort value 3958 // if specified by the client. Only effects when Type is set to LoadBalancer 3959 // and ExternalTrafficPolicy is set to Local. 3960 // +optional 3961 HealthCheckNodePort int32 `json:"healthCheckNodePort,omitempty" protobuf:"bytes,12,opt,name=healthCheckNodePort"` 3962 3963 // publishNotReadyAddresses, when set to true, indicates that DNS implementations 3964 // must publish the notReadyAddresses of subsets for the Endpoints associated with 3965 // the Service. The default value is false. 3966 // The primary use case for setting this field is to use a StatefulSet's Headless Service 3967 // to propagate SRV records for its Pods without respect to their readiness for purpose 3968 // of peer discovery. 3969 // +optional 3970 PublishNotReadyAddresses bool `json:"publishNotReadyAddresses,omitempty" protobuf:"varint,13,opt,name=publishNotReadyAddresses"` 3971 3972 // sessionAffinityConfig contains the configurations of session affinity. 3973 // +optional 3974 SessionAffinityConfig *SessionAffinityConfig `json:"sessionAffinityConfig,omitempty" protobuf:"bytes,14,opt,name=sessionAffinityConfig"` 3975 3976 // ipFamily specifies whether this Service has a preference for a particular IP family (e.g. IPv4 vs. 3977 // IPv6). If a specific IP family is requested, the clusterIP field will be allocated from that family, if it is 3978 // available in the cluster. If no IP family is requested, the cluster's primary IP family will be used. 3979 // Other IP fields (loadBalancerIP, loadBalancerSourceRanges, externalIPs) and controllers which 3980 // allocate external load-balancers should use the same IP family. Endpoints for this Service will be of 3981 // this family. This field is immutable after creation. Assigning a ServiceIPFamily not available in the 3982 // cluster (e.g. IPv6 in IPv4 only cluster) is an error condition and will fail during clusterIP assignment. 3983 // +optional 3984 IPFamily *IPFamily `json:"ipFamily,omitempty" protobuf:"bytes,15,opt,name=ipFamily,Configcasttype=IPFamily"` 3985 3986 // topologyKeys is a preference-order list of topology keys which 3987 // implementations of services should use to preferentially sort endpoints 3988 // when accessing this Service, it can not be used at the same time as 3989 // externalTrafficPolicy=Local. 3990 // Topology keys must be valid label keys and at most 16 keys may be specified. 3991 // Endpoints are chosen based on the first topology key with available backends. 3992 // If this field is specified and all entries have no backends that match 3993 // the topology of the client, the service has no backends for that client 3994 // and connections should fail. 3995 // The special value "*" may be used to mean "any topology". This catch-all 3996 // value, if used, only makes sense as the last value in the list. 3997 // If this is not specified or empty, no topology constraints will be applied. 3998 // +optional 3999 TopologyKeys []string `json:"topologyKeys,omitempty" protobuf:"bytes,16,opt,name=topologyKeys"` 4000} 4001 4002// ServicePort contains information on service's port. 4003type ServicePort struct { 4004 // The name of this port within the service. This must be a DNS_LABEL. 4005 // All ports within a ServiceSpec must have unique names. When considering 4006 // the endpoints for a Service, this must match the 'name' field in the 4007 // EndpointPort. 4008 // Optional if only one ServicePort is defined on this service. 4009 // +optional 4010 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 4011 4012 // The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". 4013 // Default is TCP. 4014 // +optional 4015 Protocol Protocol `json:"protocol,omitempty" protobuf:"bytes,2,opt,name=protocol,casttype=Protocol"` 4016 4017 // The application protocol for this port. 4018 // This field follows standard Kubernetes label syntax. 4019 // Un-prefixed names are reserved for IANA standard service names (as per 4020 // RFC-6335 and http://www.iana.org/assignments/service-names). 4021 // Non-standard protocols should use prefixed names such as 4022 // mycompany.com/my-custom-protocol. 4023 // Field can be enabled with ServiceAppProtocol feature gate. 4024 // +optional 4025 AppProtocol *string `json:"appProtocol,omitempty" protobuf:"bytes,6,opt,name=appProtocol"` 4026 4027 // The port that will be exposed by this service. 4028 Port int32 `json:"port" protobuf:"varint,3,opt,name=port"` 4029 4030 // Number or name of the port to access on the pods targeted by the service. 4031 // Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4032 // If this is a string, it will be looked up as a named port in the 4033 // target Pod's container ports. If this is not specified, the value 4034 // of the 'port' field is used (an identity map). 4035 // This field is ignored for services with clusterIP=None, and should be 4036 // omitted or set equal to the 'port' field. 4037 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service 4038 // +optional 4039 TargetPort intstr.IntOrString `json:"targetPort,omitempty" protobuf:"bytes,4,opt,name=targetPort"` 4040 4041 // The port on each node on which this service is exposed when type=NodePort or LoadBalancer. 4042 // Usually assigned by the system. If specified, it will be allocated to the service 4043 // if unused or else creation of the service will fail. 4044 // Default is to auto-allocate a port if the ServiceType of this Service requires one. 4045 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport 4046 // +optional 4047 NodePort int32 `json:"nodePort,omitempty" protobuf:"varint,5,opt,name=nodePort"` 4048} 4049 4050// +genclient 4051// +genclient:skipVerbs=deleteCollection 4052// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4053 4054// Service is a named abstraction of software service (for example, mysql) consisting of local port 4055// (for example 3306) that the proxy listens on, and the selector that determines which pods 4056// will answer requests sent through the proxy. 4057type Service struct { 4058 metav1.TypeMeta `json:",inline"` 4059 // Standard object's metadata. 4060 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4061 // +optional 4062 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4063 4064 // Spec defines the behavior of a service. 4065 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4066 // +optional 4067 Spec ServiceSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 4068 4069 // Most recently observed status of the service. 4070 // Populated by the system. 4071 // Read-only. 4072 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4073 // +optional 4074 Status ServiceStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 4075} 4076 4077const ( 4078 // ClusterIPNone - do not assign a cluster IP 4079 // no proxying required and no environment variables should be created for pods 4080 ClusterIPNone = "None" 4081) 4082 4083// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4084 4085// ServiceList holds a list of services. 4086type ServiceList struct { 4087 metav1.TypeMeta `json:",inline"` 4088 // Standard list metadata. 4089 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4090 // +optional 4091 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4092 4093 // List of services 4094 Items []Service `json:"items" protobuf:"bytes,2,rep,name=items"` 4095} 4096 4097// +genclient 4098// +genclient:method=CreateToken,verb=create,subresource=token,input=k8s.io/api/authentication/v1.TokenRequest,result=k8s.io/api/authentication/v1.TokenRequest 4099// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4100 4101// ServiceAccount binds together: 4102// * a name, understood by users, and perhaps by peripheral systems, for an identity 4103// * a principal that can be authenticated and authorized 4104// * a set of secrets 4105type ServiceAccount struct { 4106 metav1.TypeMeta `json:",inline"` 4107 // Standard object's metadata. 4108 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4109 // +optional 4110 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4111 4112 // Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount. 4113 // More info: https://kubernetes.io/docs/concepts/configuration/secret 4114 // +optional 4115 // +patchMergeKey=name 4116 // +patchStrategy=merge 4117 Secrets []ObjectReference `json:"secrets,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=secrets"` 4118 4119 // ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images 4120 // in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets 4121 // can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. 4122 // More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod 4123 // +optional 4124 ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" protobuf:"bytes,3,rep,name=imagePullSecrets"` 4125 4126 // AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. 4127 // Can be overridden at the pod level. 4128 // +optional 4129 AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty" protobuf:"varint,4,opt,name=automountServiceAccountToken"` 4130} 4131 4132// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4133 4134// ServiceAccountList is a list of ServiceAccount objects 4135type ServiceAccountList struct { 4136 metav1.TypeMeta `json:",inline"` 4137 // Standard list metadata. 4138 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4139 // +optional 4140 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4141 4142 // List of ServiceAccounts. 4143 // More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ 4144 Items []ServiceAccount `json:"items" protobuf:"bytes,2,rep,name=items"` 4145} 4146 4147// +genclient 4148// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4149 4150// Endpoints is a collection of endpoints that implement the actual service. Example: 4151// Name: "mysvc", 4152// Subsets: [ 4153// { 4154// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], 4155// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] 4156// }, 4157// { 4158// Addresses: [{"ip": "10.10.3.3"}], 4159// Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}] 4160// }, 4161// ] 4162type Endpoints struct { 4163 metav1.TypeMeta `json:",inline"` 4164 // Standard object's metadata. 4165 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4166 // +optional 4167 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4168 4169 // The set of all endpoints is the union of all subsets. Addresses are placed into 4170 // subsets according to the IPs they share. A single address with multiple ports, 4171 // some of which are ready and some of which are not (because they come from 4172 // different containers) will result in the address being displayed in different 4173 // subsets for the different ports. No address will appear in both Addresses and 4174 // NotReadyAddresses in the same subset. 4175 // Sets of addresses and ports that comprise a service. 4176 // +optional 4177 Subsets []EndpointSubset `json:"subsets,omitempty" protobuf:"bytes,2,rep,name=subsets"` 4178} 4179 4180// EndpointSubset is a group of addresses with a common set of ports. The 4181// expanded set of endpoints is the Cartesian product of Addresses x Ports. 4182// For example, given: 4183// { 4184// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], 4185// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] 4186// } 4187// The resulting set of endpoints can be viewed as: 4188// a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], 4189// b: [ 10.10.1.1:309, 10.10.2.2:309 ] 4190type EndpointSubset struct { 4191 // IP addresses which offer the related ports that are marked as ready. These endpoints 4192 // should be considered safe for load balancers and clients to utilize. 4193 // +optional 4194 Addresses []EndpointAddress `json:"addresses,omitempty" protobuf:"bytes,1,rep,name=addresses"` 4195 // IP addresses which offer the related ports but are not currently marked as ready 4196 // because they have not yet finished starting, have recently failed a readiness check, 4197 // or have recently failed a liveness check. 4198 // +optional 4199 NotReadyAddresses []EndpointAddress `json:"notReadyAddresses,omitempty" protobuf:"bytes,2,rep,name=notReadyAddresses"` 4200 // Port numbers available on the related IP addresses. 4201 // +optional 4202 Ports []EndpointPort `json:"ports,omitempty" protobuf:"bytes,3,rep,name=ports"` 4203} 4204 4205// EndpointAddress is a tuple that describes single IP address. 4206type EndpointAddress struct { 4207 // The IP of this endpoint. 4208 // May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), 4209 // or link-local multicast ((224.0.0.0/24). 4210 // IPv6 is also accepted but not fully supported on all platforms. Also, certain 4211 // kubernetes components, like kube-proxy, are not IPv6 ready. 4212 // TODO: This should allow hostname or IP, See #4447. 4213 IP string `json:"ip" protobuf:"bytes,1,opt,name=ip"` 4214 // The Hostname of this endpoint 4215 // +optional 4216 Hostname string `json:"hostname,omitempty" protobuf:"bytes,3,opt,name=hostname"` 4217 // Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node. 4218 // +optional 4219 NodeName *string `json:"nodeName,omitempty" protobuf:"bytes,4,opt,name=nodeName"` 4220 // Reference to object providing the endpoint. 4221 // +optional 4222 TargetRef *ObjectReference `json:"targetRef,omitempty" protobuf:"bytes,2,opt,name=targetRef"` 4223} 4224 4225// EndpointPort is a tuple that describes a single port. 4226type EndpointPort struct { 4227 // The name of this port. This must match the 'name' field in the 4228 // corresponding ServicePort. 4229 // Must be a DNS_LABEL. 4230 // Optional only if one port is defined. 4231 // +optional 4232 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 4233 4234 // The port number of the endpoint. 4235 Port int32 `json:"port" protobuf:"varint,2,opt,name=port"` 4236 4237 // The IP protocol for this port. 4238 // Must be UDP, TCP, or SCTP. 4239 // Default is TCP. 4240 // +optional 4241 Protocol Protocol `json:"protocol,omitempty" protobuf:"bytes,3,opt,name=protocol,casttype=Protocol"` 4242 4243 // The application protocol for this port. 4244 // This field follows standard Kubernetes label syntax. 4245 // Un-prefixed names are reserved for IANA standard service names (as per 4246 // RFC-6335 and http://www.iana.org/assignments/service-names). 4247 // Non-standard protocols should use prefixed names such as 4248 // mycompany.com/my-custom-protocol. 4249 // Field can be enabled with ServiceAppProtocol feature gate. 4250 // +optional 4251 AppProtocol *string `json:"appProtocol,omitempty" protobuf:"bytes,4,opt,name=appProtocol"` 4252} 4253 4254// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4255 4256// EndpointsList is a list of endpoints. 4257type EndpointsList struct { 4258 metav1.TypeMeta `json:",inline"` 4259 // Standard list metadata. 4260 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4261 // +optional 4262 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4263 4264 // List of endpoints. 4265 Items []Endpoints `json:"items" protobuf:"bytes,2,rep,name=items"` 4266} 4267 4268// NodeSpec describes the attributes that a node is created with. 4269type NodeSpec struct { 4270 // PodCIDR represents the pod IP range assigned to the node. 4271 // +optional 4272 PodCIDR string `json:"podCIDR,omitempty" protobuf:"bytes,1,opt,name=podCIDR"` 4273 4274 // podCIDRs represents the IP ranges assigned to the node for usage by Pods on that node. If this 4275 // field is specified, the 0th entry must match the podCIDR field. It may contain at most 1 value for 4276 // each of IPv4 and IPv6. 4277 // +optional 4278 // +patchStrategy=merge 4279 PodCIDRs []string `json:"podCIDRs,omitempty" protobuf:"bytes,7,opt,name=podCIDRs" patchStrategy:"merge"` 4280 4281 // ID of the node assigned by the cloud provider in the format: <ProviderName>://<ProviderSpecificNodeID> 4282 // +optional 4283 ProviderID string `json:"providerID,omitempty" protobuf:"bytes,3,opt,name=providerID"` 4284 // Unschedulable controls node schedulability of new pods. By default, node is schedulable. 4285 // More info: https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration 4286 // +optional 4287 Unschedulable bool `json:"unschedulable,omitempty" protobuf:"varint,4,opt,name=unschedulable"` 4288 // If specified, the node's taints. 4289 // +optional 4290 Taints []Taint `json:"taints,omitempty" protobuf:"bytes,5,opt,name=taints"` 4291 // If specified, the source to get node configuration from 4292 // The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field 4293 // +optional 4294 ConfigSource *NodeConfigSource `json:"configSource,omitempty" protobuf:"bytes,6,opt,name=configSource"` 4295 4296 // Deprecated. Not all kubelets will set this field. Remove field after 1.13. 4297 // see: https://issues.k8s.io/61966 4298 // +optional 4299 DoNotUseExternalID string `json:"externalID,omitempty" protobuf:"bytes,2,opt,name=externalID"` 4300} 4301 4302// NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil. 4303type NodeConfigSource struct { 4304 // For historical context, regarding the below kind, apiVersion, and configMapRef deprecation tags: 4305 // 1. kind/apiVersion were used by the kubelet to persist this struct to disk (they had no protobuf tags) 4306 // 2. configMapRef and proto tag 1 were used by the API to refer to a configmap, 4307 // but used a generic ObjectReference type that didn't really have the fields we needed 4308 // All uses/persistence of the NodeConfigSource struct prior to 1.11 were gated by alpha feature flags, 4309 // so there was no persisted data for these fields that needed to be migrated/handled. 4310 4311 // +k8s:deprecated=kind 4312 // +k8s:deprecated=apiVersion 4313 // +k8s:deprecated=configMapRef,protobuf=1 4314 4315 // ConfigMap is a reference to a Node's ConfigMap 4316 ConfigMap *ConfigMapNodeConfigSource `json:"configMap,omitempty" protobuf:"bytes,2,opt,name=configMap"` 4317} 4318 4319// ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node. 4320type ConfigMapNodeConfigSource struct { 4321 // Namespace is the metadata.namespace of the referenced ConfigMap. 4322 // This field is required in all cases. 4323 Namespace string `json:"namespace" protobuf:"bytes,1,opt,name=namespace"` 4324 4325 // Name is the metadata.name of the referenced ConfigMap. 4326 // This field is required in all cases. 4327 Name string `json:"name" protobuf:"bytes,2,opt,name=name"` 4328 4329 // UID is the metadata.UID of the referenced ConfigMap. 4330 // This field is forbidden in Node.Spec, and required in Node.Status. 4331 // +optional 4332 UID types.UID `json:"uid,omitempty" protobuf:"bytes,3,opt,name=uid"` 4333 4334 // ResourceVersion is the metadata.ResourceVersion of the referenced ConfigMap. 4335 // This field is forbidden in Node.Spec, and required in Node.Status. 4336 // +optional 4337 ResourceVersion string `json:"resourceVersion,omitempty" protobuf:"bytes,4,opt,name=resourceVersion"` 4338 4339 // KubeletConfigKey declares which key of the referenced ConfigMap corresponds to the KubeletConfiguration structure 4340 // This field is required in all cases. 4341 KubeletConfigKey string `json:"kubeletConfigKey" protobuf:"bytes,5,opt,name=kubeletConfigKey"` 4342} 4343 4344// DaemonEndpoint contains information about a single Daemon endpoint. 4345type DaemonEndpoint struct { 4346 /* 4347 The port tag was not properly in quotes in earlier releases, so it must be 4348 uppercased for backwards compat (since it was falling back to var name of 4349 'Port'). 4350 */ 4351 4352 // Port number of the given endpoint. 4353 Port int32 `json:"Port" protobuf:"varint,1,opt,name=Port"` 4354} 4355 4356// NodeDaemonEndpoints lists ports opened by daemons running on the Node. 4357type NodeDaemonEndpoints struct { 4358 // Endpoint on which Kubelet is listening. 4359 // +optional 4360 KubeletEndpoint DaemonEndpoint `json:"kubeletEndpoint,omitempty" protobuf:"bytes,1,opt,name=kubeletEndpoint"` 4361} 4362 4363// NodeSystemInfo is a set of ids/uuids to uniquely identify the node. 4364type NodeSystemInfo struct { 4365 // MachineID reported by the node. For unique machine identification 4366 // in the cluster this field is preferred. Learn more from man(5) 4367 // machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html 4368 MachineID string `json:"machineID" protobuf:"bytes,1,opt,name=machineID"` 4369 // SystemUUID reported by the node. For unique machine identification 4370 // MachineID is preferred. This field is specific to Red Hat hosts 4371 // https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/getting-system-uuid.html 4372 SystemUUID string `json:"systemUUID" protobuf:"bytes,2,opt,name=systemUUID"` 4373 // Boot ID reported by the node. 4374 BootID string `json:"bootID" protobuf:"bytes,3,opt,name=bootID"` 4375 // Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64). 4376 KernelVersion string `json:"kernelVersion" protobuf:"bytes,4,opt,name=kernelVersion"` 4377 // OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)). 4378 OSImage string `json:"osImage" protobuf:"bytes,5,opt,name=osImage"` 4379 // ContainerRuntime Version reported by the node through runtime remote API (e.g. docker://1.5.0). 4380 ContainerRuntimeVersion string `json:"containerRuntimeVersion" protobuf:"bytes,6,opt,name=containerRuntimeVersion"` 4381 // Kubelet Version reported by the node. 4382 KubeletVersion string `json:"kubeletVersion" protobuf:"bytes,7,opt,name=kubeletVersion"` 4383 // KubeProxy Version reported by the node. 4384 KubeProxyVersion string `json:"kubeProxyVersion" protobuf:"bytes,8,opt,name=kubeProxyVersion"` 4385 // The Operating System reported by the node 4386 OperatingSystem string `json:"operatingSystem" protobuf:"bytes,9,opt,name=operatingSystem"` 4387 // The Architecture reported by the node 4388 Architecture string `json:"architecture" protobuf:"bytes,10,opt,name=architecture"` 4389} 4390 4391// NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource. 4392type NodeConfigStatus struct { 4393 // Assigned reports the checkpointed config the node will try to use. 4394 // When Node.Spec.ConfigSource is updated, the node checkpoints the associated 4395 // config payload to local disk, along with a record indicating intended 4396 // config. The node refers to this record to choose its config checkpoint, and 4397 // reports this record in Assigned. Assigned only updates in the status after 4398 // the record has been checkpointed to disk. When the Kubelet is restarted, 4399 // it tries to make the Assigned config the Active config by loading and 4400 // validating the checkpointed payload identified by Assigned. 4401 // +optional 4402 Assigned *NodeConfigSource `json:"assigned,omitempty" protobuf:"bytes,1,opt,name=assigned"` 4403 // Active reports the checkpointed config the node is actively using. 4404 // Active will represent either the current version of the Assigned config, 4405 // or the current LastKnownGood config, depending on whether attempting to use the 4406 // Assigned config results in an error. 4407 // +optional 4408 Active *NodeConfigSource `json:"active,omitempty" protobuf:"bytes,2,opt,name=active"` 4409 // LastKnownGood reports the checkpointed config the node will fall back to 4410 // when it encounters an error attempting to use the Assigned config. 4411 // The Assigned config becomes the LastKnownGood config when the node determines 4412 // that the Assigned config is stable and correct. 4413 // This is currently implemented as a 10-minute soak period starting when the local 4414 // record of Assigned config is updated. If the Assigned config is Active at the end 4415 // of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is 4416 // reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, 4417 // because the local default config is always assumed good. 4418 // You should not make assumptions about the node's method of determining config stability 4419 // and correctness, as this may change or become configurable in the future. 4420 // +optional 4421 LastKnownGood *NodeConfigSource `json:"lastKnownGood,omitempty" protobuf:"bytes,3,opt,name=lastKnownGood"` 4422 // Error describes any problems reconciling the Spec.ConfigSource to the Active config. 4423 // Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned 4424 // record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting 4425 // to load or validate the Assigned config, etc. 4426 // Errors may occur at different points while syncing config. Earlier errors (e.g. download or 4427 // checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across 4428 // Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in 4429 // a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error 4430 // by fixing the config assigned in Spec.ConfigSource. 4431 // You can find additional information for debugging by searching the error message in the Kubelet log. 4432 // Error is a human-readable description of the error state; machines can check whether or not Error 4433 // is empty, but should not rely on the stability of the Error text across Kubelet versions. 4434 // +optional 4435 Error string `json:"error,omitempty" protobuf:"bytes,4,opt,name=error"` 4436} 4437 4438// NodeStatus is information about the current status of a node. 4439type NodeStatus struct { 4440 // Capacity represents the total resources of a node. 4441 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity 4442 // +optional 4443 Capacity ResourceList `json:"capacity,omitempty" protobuf:"bytes,1,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"` 4444 // Allocatable represents the resources of a node that are available for scheduling. 4445 // Defaults to Capacity. 4446 // +optional 4447 Allocatable ResourceList `json:"allocatable,omitempty" protobuf:"bytes,2,rep,name=allocatable,casttype=ResourceList,castkey=ResourceName"` 4448 // NodePhase is the recently observed lifecycle phase of the node. 4449 // More info: https://kubernetes.io/docs/concepts/nodes/node/#phase 4450 // The field is never populated, and now is deprecated. 4451 // +optional 4452 Phase NodePhase `json:"phase,omitempty" protobuf:"bytes,3,opt,name=phase,casttype=NodePhase"` 4453 // Conditions is an array of current observed node conditions. 4454 // More info: https://kubernetes.io/docs/concepts/nodes/node/#condition 4455 // +optional 4456 // +patchMergeKey=type 4457 // +patchStrategy=merge 4458 Conditions []NodeCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,4,rep,name=conditions"` 4459 // List of addresses reachable to the node. 4460 // Queried from cloud provider, if available. 4461 // More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses 4462 // Note: This field is declared as mergeable, but the merge key is not sufficiently 4463 // unique, which can cause data corruption when it is merged. Callers should instead 4464 // use a full-replacement patch. See http://pr.k8s.io/79391 for an example. 4465 // +optional 4466 // +patchMergeKey=type 4467 // +patchStrategy=merge 4468 Addresses []NodeAddress `json:"addresses,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,5,rep,name=addresses"` 4469 // Endpoints of daemons running on the Node. 4470 // +optional 4471 DaemonEndpoints NodeDaemonEndpoints `json:"daemonEndpoints,omitempty" protobuf:"bytes,6,opt,name=daemonEndpoints"` 4472 // Set of ids/uuids to uniquely identify the node. 4473 // More info: https://kubernetes.io/docs/concepts/nodes/node/#info 4474 // +optional 4475 NodeInfo NodeSystemInfo `json:"nodeInfo,omitempty" protobuf:"bytes,7,opt,name=nodeInfo"` 4476 // List of container images on this node 4477 // +optional 4478 Images []ContainerImage `json:"images,omitempty" protobuf:"bytes,8,rep,name=images"` 4479 // List of attachable volumes in use (mounted) by the node. 4480 // +optional 4481 VolumesInUse []UniqueVolumeName `json:"volumesInUse,omitempty" protobuf:"bytes,9,rep,name=volumesInUse"` 4482 // List of volumes that are attached to the node. 4483 // +optional 4484 VolumesAttached []AttachedVolume `json:"volumesAttached,omitempty" protobuf:"bytes,10,rep,name=volumesAttached"` 4485 // Status of the config assigned to the node via the dynamic Kubelet config feature. 4486 // +optional 4487 Config *NodeConfigStatus `json:"config,omitempty" protobuf:"bytes,11,opt,name=config"` 4488} 4489 4490type UniqueVolumeName string 4491 4492// AttachedVolume describes a volume attached to a node 4493type AttachedVolume struct { 4494 // Name of the attached volume 4495 Name UniqueVolumeName `json:"name" protobuf:"bytes,1,rep,name=name"` 4496 4497 // DevicePath represents the device path where the volume should be available 4498 DevicePath string `json:"devicePath" protobuf:"bytes,2,rep,name=devicePath"` 4499} 4500 4501// AvoidPods describes pods that should avoid this node. This is the value for a 4502// Node annotation with key scheduler.alpha.kubernetes.io/preferAvoidPods and 4503// will eventually become a field of NodeStatus. 4504type AvoidPods struct { 4505 // Bounded-sized list of signatures of pods that should avoid this node, sorted 4506 // in timestamp order from oldest to newest. Size of the slice is unspecified. 4507 // +optional 4508 PreferAvoidPods []PreferAvoidPodsEntry `json:"preferAvoidPods,omitempty" protobuf:"bytes,1,rep,name=preferAvoidPods"` 4509} 4510 4511// Describes a class of pods that should avoid this node. 4512type PreferAvoidPodsEntry struct { 4513 // The class of pods. 4514 PodSignature PodSignature `json:"podSignature" protobuf:"bytes,1,opt,name=podSignature"` 4515 // Time at which this entry was added to the list. 4516 // +optional 4517 EvictionTime metav1.Time `json:"evictionTime,omitempty" protobuf:"bytes,2,opt,name=evictionTime"` 4518 // (brief) reason why this entry was added to the list. 4519 // +optional 4520 Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` 4521 // Human readable message indicating why this entry was added to the list. 4522 // +optional 4523 Message string `json:"message,omitempty" protobuf:"bytes,4,opt,name=message"` 4524} 4525 4526// Describes the class of pods that should avoid this node. 4527// Exactly one field should be set. 4528type PodSignature struct { 4529 // Reference to controller whose pods should avoid this node. 4530 // +optional 4531 PodController *metav1.OwnerReference `json:"podController,omitempty" protobuf:"bytes,1,opt,name=podController"` 4532} 4533 4534// Describe a container image 4535type ContainerImage struct { 4536 // Names by which this image is known. 4537 // e.g. ["k8s.gcr.io/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"] 4538 Names []string `json:"names" protobuf:"bytes,1,rep,name=names"` 4539 // The size of the image in bytes. 4540 // +optional 4541 SizeBytes int64 `json:"sizeBytes,omitempty" protobuf:"varint,2,opt,name=sizeBytes"` 4542} 4543 4544type NodePhase string 4545 4546// These are the valid phases of node. 4547const ( 4548 // NodePending means the node has been created/added by the system, but not configured. 4549 NodePending NodePhase = "Pending" 4550 // NodeRunning means the node has been configured and has Kubernetes components running. 4551 NodeRunning NodePhase = "Running" 4552 // NodeTerminated means the node has been removed from the cluster. 4553 NodeTerminated NodePhase = "Terminated" 4554) 4555 4556type NodeConditionType string 4557 4558// These are valid conditions of node. Currently, we don't have enough information to decide 4559// node condition. In the future, we will add more. The proposed set of conditions are: 4560// NodeReachable, NodeLive, NodeReady, NodeSchedulable, NodeRunnable. 4561const ( 4562 // NodeReady means kubelet is healthy and ready to accept pods. 4563 NodeReady NodeConditionType = "Ready" 4564 // NodeMemoryPressure means the kubelet is under pressure due to insufficient available memory. 4565 NodeMemoryPressure NodeConditionType = "MemoryPressure" 4566 // NodeDiskPressure means the kubelet is under pressure due to insufficient available disk. 4567 NodeDiskPressure NodeConditionType = "DiskPressure" 4568 // NodePIDPressure means the kubelet is under pressure due to insufficient available PID. 4569 NodePIDPressure NodeConditionType = "PIDPressure" 4570 // NodeNetworkUnavailable means that network for the node is not correctly configured. 4571 NodeNetworkUnavailable NodeConditionType = "NetworkUnavailable" 4572) 4573 4574// NodeCondition contains condition information for a node. 4575type NodeCondition struct { 4576 // Type of node condition. 4577 Type NodeConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=NodeConditionType"` 4578 // Status of the condition, one of True, False, Unknown. 4579 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 4580 // Last time we got an update on a given condition. 4581 // +optional 4582 LastHeartbeatTime metav1.Time `json:"lastHeartbeatTime,omitempty" protobuf:"bytes,3,opt,name=lastHeartbeatTime"` 4583 // Last time the condition transit from one status to another. 4584 // +optional 4585 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"` 4586 // (brief) reason for the condition's last transition. 4587 // +optional 4588 Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"` 4589 // Human readable message indicating details about last transition. 4590 // +optional 4591 Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"` 4592} 4593 4594type NodeAddressType string 4595 4596// These are valid address type of node. 4597const ( 4598 NodeHostName NodeAddressType = "Hostname" 4599 NodeExternalIP NodeAddressType = "ExternalIP" 4600 NodeInternalIP NodeAddressType = "InternalIP" 4601 NodeExternalDNS NodeAddressType = "ExternalDNS" 4602 NodeInternalDNS NodeAddressType = "InternalDNS" 4603) 4604 4605// NodeAddress contains information for the node's address. 4606type NodeAddress struct { 4607 // Node address type, one of Hostname, ExternalIP or InternalIP. 4608 Type NodeAddressType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=NodeAddressType"` 4609 // The node address. 4610 Address string `json:"address" protobuf:"bytes,2,opt,name=address"` 4611} 4612 4613// ResourceName is the name identifying various resources in a ResourceList. 4614type ResourceName string 4615 4616// Resource names must be not more than 63 characters, consisting of upper- or lower-case alphanumeric characters, 4617// with the -, _, and . characters allowed anywhere, except the first or last character. 4618// The default convention, matching that for annotations, is to use lower-case names, with dashes, rather than 4619// camel case, separating compound words. 4620// Fully-qualified resource typenames are constructed from a DNS-style subdomain, followed by a slash `/` and a name. 4621const ( 4622 // CPU, in cores. (500m = .5 cores) 4623 ResourceCPU ResourceName = "cpu" 4624 // Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 4625 ResourceMemory ResourceName = "memory" 4626 // Volume size, in bytes (e,g. 5Gi = 5GiB = 5 * 1024 * 1024 * 1024) 4627 ResourceStorage ResourceName = "storage" 4628 // Local ephemeral storage, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 4629 // The resource name for ResourceEphemeralStorage is alpha and it can change across releases. 4630 ResourceEphemeralStorage ResourceName = "ephemeral-storage" 4631) 4632 4633const ( 4634 // Default namespace prefix. 4635 ResourceDefaultNamespacePrefix = "kubernetes.io/" 4636 // Name prefix for huge page resources (alpha). 4637 ResourceHugePagesPrefix = "hugepages-" 4638 // Name prefix for storage resource limits 4639 ResourceAttachableVolumesPrefix = "attachable-volumes-" 4640) 4641 4642// ResourceList is a set of (resource name, quantity) pairs. 4643type ResourceList map[ResourceName]resource.Quantity 4644 4645// +genclient 4646// +genclient:nonNamespaced 4647// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4648 4649// Node is a worker node in Kubernetes. 4650// Each node will have a unique identifier in the cache (i.e. in etcd). 4651type Node struct { 4652 metav1.TypeMeta `json:",inline"` 4653 // Standard object's metadata. 4654 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4655 // +optional 4656 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4657 4658 // Spec defines the behavior of a node. 4659 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4660 // +optional 4661 Spec NodeSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 4662 4663 // Most recently observed status of the node. 4664 // Populated by the system. 4665 // Read-only. 4666 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4667 // +optional 4668 Status NodeStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 4669} 4670 4671// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4672 4673// NodeList is the whole list of all Nodes which have been registered with master. 4674type NodeList struct { 4675 metav1.TypeMeta `json:",inline"` 4676 // Standard list metadata. 4677 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4678 // +optional 4679 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4680 4681 // List of nodes 4682 Items []Node `json:"items" protobuf:"bytes,2,rep,name=items"` 4683} 4684 4685// FinalizerName is the name identifying a finalizer during namespace lifecycle. 4686type FinalizerName string 4687 4688// These are internal finalizer values to Kubernetes, must be qualified name unless defined here or 4689// in metav1. 4690const ( 4691 FinalizerKubernetes FinalizerName = "kubernetes" 4692) 4693 4694// NamespaceSpec describes the attributes on a Namespace. 4695type NamespaceSpec struct { 4696 // Finalizers is an opaque list of values that must be empty to permanently remove object from storage. 4697 // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/ 4698 // +optional 4699 Finalizers []FinalizerName `json:"finalizers,omitempty" protobuf:"bytes,1,rep,name=finalizers,casttype=FinalizerName"` 4700} 4701 4702// NamespaceStatus is information about the current status of a Namespace. 4703type NamespaceStatus struct { 4704 // Phase is the current lifecycle phase of the namespace. 4705 // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/ 4706 // +optional 4707 Phase NamespacePhase `json:"phase,omitempty" protobuf:"bytes,1,opt,name=phase,casttype=NamespacePhase"` 4708 4709 // Represents the latest available observations of a namespace's current state. 4710 // +optional 4711 // +patchMergeKey=type 4712 // +patchStrategy=merge 4713 Conditions []NamespaceCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"` 4714} 4715 4716type NamespacePhase string 4717 4718// These are the valid phases of a namespace. 4719const ( 4720 // NamespaceActive means the namespace is available for use in the system 4721 NamespaceActive NamespacePhase = "Active" 4722 // NamespaceTerminating means the namespace is undergoing graceful termination 4723 NamespaceTerminating NamespacePhase = "Terminating" 4724) 4725 4726const ( 4727 // NamespaceTerminatingCause is returned as a defaults.cause item when a change is 4728 // forbidden due to the namespace being terminated. 4729 NamespaceTerminatingCause metav1.CauseType = "NamespaceTerminating" 4730) 4731 4732type NamespaceConditionType string 4733 4734// These are valid conditions of a namespace. 4735const ( 4736 // NamespaceDeletionDiscoveryFailure contains information about namespace deleter errors during resource discovery. 4737 NamespaceDeletionDiscoveryFailure NamespaceConditionType = "NamespaceDeletionDiscoveryFailure" 4738 // NamespaceDeletionContentFailure contains information about namespace deleter errors during deletion of resources. 4739 NamespaceDeletionContentFailure NamespaceConditionType = "NamespaceDeletionContentFailure" 4740 // NamespaceDeletionGVParsingFailure contains information about namespace deleter errors parsing GV for legacy types. 4741 NamespaceDeletionGVParsingFailure NamespaceConditionType = "NamespaceDeletionGroupVersionParsingFailure" 4742 // NamespaceContentRemaining contains information about resources remaining in a namespace. 4743 NamespaceContentRemaining NamespaceConditionType = "NamespaceContentRemaining" 4744 // NamespaceFinalizersRemaining contains information about which finalizers are on resources remaining in a namespace. 4745 NamespaceFinalizersRemaining NamespaceConditionType = "NamespaceFinalizersRemaining" 4746) 4747 4748// NamespaceCondition contains details about state of namespace. 4749type NamespaceCondition struct { 4750 // Type of namespace controller condition. 4751 Type NamespaceConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=NamespaceConditionType"` 4752 // Status of the condition, one of True, False, Unknown. 4753 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 4754 // +optional 4755 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"` 4756 // +optional 4757 Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"` 4758 // +optional 4759 Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"` 4760} 4761 4762// +genclient 4763// +genclient:nonNamespaced 4764// +genclient:skipVerbs=deleteCollection 4765// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4766 4767// Namespace provides a scope for Names. 4768// Use of multiple namespaces is optional. 4769type Namespace struct { 4770 metav1.TypeMeta `json:",inline"` 4771 // Standard object's metadata. 4772 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4773 // +optional 4774 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4775 4776 // Spec defines the behavior of the Namespace. 4777 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4778 // +optional 4779 Spec NamespaceSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 4780 4781 // Status describes the current status of a Namespace. 4782 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4783 // +optional 4784 Status NamespaceStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 4785} 4786 4787// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4788 4789// NamespaceList is a list of Namespaces. 4790type NamespaceList struct { 4791 metav1.TypeMeta `json:",inline"` 4792 // Standard list metadata. 4793 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4794 // +optional 4795 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4796 4797 // Items is the list of Namespace objects in the list. 4798 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ 4799 Items []Namespace `json:"items" protobuf:"bytes,2,rep,name=items"` 4800} 4801 4802// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4803 4804// Binding ties one object to another; for example, a pod is bound to a node by a scheduler. 4805// Deprecated in 1.7, please use the bindings subresource of pods instead. 4806type Binding struct { 4807 metav1.TypeMeta `json:",inline"` 4808 // Standard object's metadata. 4809 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4810 // +optional 4811 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4812 4813 // The target object that you want to bind to the standard object. 4814 Target ObjectReference `json:"target" protobuf:"bytes,2,opt,name=target"` 4815} 4816 4817// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4818 4819// A list of ephemeral containers used with the Pod ephemeralcontainers subresource. 4820type EphemeralContainers struct { 4821 metav1.TypeMeta `json:",inline"` 4822 // +optional 4823 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4824 4825 // A list of ephemeral containers associated with this pod. New ephemeral containers 4826 // may be appended to this list, but existing ephemeral containers may not be removed 4827 // or modified. 4828 // +patchMergeKey=name 4829 // +patchStrategy=merge 4830 EphemeralContainers []EphemeralContainer `json:"ephemeralContainers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=ephemeralContainers"` 4831} 4832 4833// Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out. 4834// +k8s:openapi-gen=false 4835type Preconditions struct { 4836 // Specifies the target UID. 4837 // +optional 4838 UID *types.UID `json:"uid,omitempty" protobuf:"bytes,1,opt,name=uid,casttype=k8s.io/apimachinery/pkg/types.UID"` 4839} 4840 4841// +k8s:conversion-gen:explicit-from=net/url.Values 4842// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4843 4844// PodLogOptions is the query options for a Pod's logs REST call. 4845type PodLogOptions struct { 4846 metav1.TypeMeta `json:",inline"` 4847 4848 // The container for which to stream logs. Defaults to only container if there is one container in the pod. 4849 // +optional 4850 Container string `json:"container,omitempty" protobuf:"bytes,1,opt,name=container"` 4851 // Follow the log stream of the pod. Defaults to false. 4852 // +optional 4853 Follow bool `json:"follow,omitempty" protobuf:"varint,2,opt,name=follow"` 4854 // Return previous terminated container logs. Defaults to false. 4855 // +optional 4856 Previous bool `json:"previous,omitempty" protobuf:"varint,3,opt,name=previous"` 4857 // A relative time in seconds before the current time from which to show logs. If this value 4858 // precedes the time a pod was started, only logs since the pod start will be returned. 4859 // If this value is in the future, no logs will be returned. 4860 // Only one of sinceSeconds or sinceTime may be specified. 4861 // +optional 4862 SinceSeconds *int64 `json:"sinceSeconds,omitempty" protobuf:"varint,4,opt,name=sinceSeconds"` 4863 // An RFC3339 timestamp from which to show logs. If this value 4864 // precedes the time a pod was started, only logs since the pod start will be returned. 4865 // If this value is in the future, no logs will be returned. 4866 // Only one of sinceSeconds or sinceTime may be specified. 4867 // +optional 4868 SinceTime *metav1.Time `json:"sinceTime,omitempty" protobuf:"bytes,5,opt,name=sinceTime"` 4869 // If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line 4870 // of log output. Defaults to false. 4871 // +optional 4872 Timestamps bool `json:"timestamps,omitempty" protobuf:"varint,6,opt,name=timestamps"` 4873 // If set, the number of lines from the end of the logs to show. If not specified, 4874 // logs are shown from the creation of the container or sinceSeconds or sinceTime 4875 // +optional 4876 TailLines *int64 `json:"tailLines,omitempty" protobuf:"varint,7,opt,name=tailLines"` 4877 // If set, the number of bytes to read from the server before terminating the 4878 // log output. This may not display a complete final line of logging, and may return 4879 // slightly more or slightly less than the specified limit. 4880 // +optional 4881 LimitBytes *int64 `json:"limitBytes,omitempty" protobuf:"varint,8,opt,name=limitBytes"` 4882 4883 // insecureSkipTLSVerifyBackend indicates that the apiserver should not confirm the validity of the 4884 // serving certificate of the backend it is connecting to. This will make the HTTPS connection between the apiserver 4885 // and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real 4886 // kubelet. If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the 4887 // connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept 4888 // the actual log data coming from the real kubelet). 4889 // +optional 4890 InsecureSkipTLSVerifyBackend bool `json:"insecureSkipTLSVerifyBackend,omitempty" protobuf:"varint,9,opt,name=insecureSkipTLSVerifyBackend"` 4891} 4892 4893// +k8s:conversion-gen:explicit-from=net/url.Values 4894// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4895 4896// PodAttachOptions is the query options to a Pod's remote attach call. 4897// --- 4898// TODO: merge w/ PodExecOptions below for stdin, stdout, etc 4899// and also when we cut V2, we should export a "StreamOptions" or somesuch that contains Stdin, Stdout, Stder and TTY 4900type PodAttachOptions struct { 4901 metav1.TypeMeta `json:",inline"` 4902 4903 // Stdin if true, redirects the standard input stream of the pod for this call. 4904 // Defaults to false. 4905 // +optional 4906 Stdin bool `json:"stdin,omitempty" protobuf:"varint,1,opt,name=stdin"` 4907 4908 // Stdout if true indicates that stdout is to be redirected for the attach call. 4909 // Defaults to true. 4910 // +optional 4911 Stdout bool `json:"stdout,omitempty" protobuf:"varint,2,opt,name=stdout"` 4912 4913 // Stderr if true indicates that stderr is to be redirected for the attach call. 4914 // Defaults to true. 4915 // +optional 4916 Stderr bool `json:"stderr,omitempty" protobuf:"varint,3,opt,name=stderr"` 4917 4918 // TTY if true indicates that a tty will be allocated for the attach call. 4919 // This is passed through the container runtime so the tty 4920 // is allocated on the worker node by the container runtime. 4921 // Defaults to false. 4922 // +optional 4923 TTY bool `json:"tty,omitempty" protobuf:"varint,4,opt,name=tty"` 4924 4925 // The container in which to execute the command. 4926 // Defaults to only container if there is only one container in the pod. 4927 // +optional 4928 Container string `json:"container,omitempty" protobuf:"bytes,5,opt,name=container"` 4929} 4930 4931// +k8s:conversion-gen:explicit-from=net/url.Values 4932// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4933 4934// PodExecOptions is the query options to a Pod's remote exec call. 4935// --- 4936// TODO: This is largely identical to PodAttachOptions above, make sure they stay in sync and see about merging 4937// and also when we cut V2, we should export a "StreamOptions" or somesuch that contains Stdin, Stdout, Stder and TTY 4938type PodExecOptions struct { 4939 metav1.TypeMeta `json:",inline"` 4940 4941 // Redirect the standard input stream of the pod for this call. 4942 // Defaults to false. 4943 // +optional 4944 Stdin bool `json:"stdin,omitempty" protobuf:"varint,1,opt,name=stdin"` 4945 4946 // Redirect the standard output stream of the pod for this call. 4947 // Defaults to true. 4948 // +optional 4949 Stdout bool `json:"stdout,omitempty" protobuf:"varint,2,opt,name=stdout"` 4950 4951 // Redirect the standard error stream of the pod for this call. 4952 // Defaults to true. 4953 // +optional 4954 Stderr bool `json:"stderr,omitempty" protobuf:"varint,3,opt,name=stderr"` 4955 4956 // TTY if true indicates that a tty will be allocated for the exec call. 4957 // Defaults to false. 4958 // +optional 4959 TTY bool `json:"tty,omitempty" protobuf:"varint,4,opt,name=tty"` 4960 4961 // Container in which to execute the command. 4962 // Defaults to only container if there is only one container in the pod. 4963 // +optional 4964 Container string `json:"container,omitempty" protobuf:"bytes,5,opt,name=container"` 4965 4966 // Command is the remote command to execute. argv array. Not executed within a shell. 4967 Command []string `json:"command" protobuf:"bytes,6,rep,name=command"` 4968} 4969 4970// +k8s:conversion-gen:explicit-from=net/url.Values 4971// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4972 4973// PodPortForwardOptions is the query options to a Pod's port forward call 4974// when using WebSockets. 4975// The `port` query parameter must specify the port or 4976// ports (comma separated) to forward over. 4977// Port forwarding over SPDY does not use these options. It requires the port 4978// to be passed in the `port` header as part of request. 4979type PodPortForwardOptions struct { 4980 metav1.TypeMeta `json:",inline"` 4981 4982 // List of ports to forward 4983 // Required when using WebSockets 4984 // +optional 4985 Ports []int32 `json:"ports,omitempty" protobuf:"varint,1,rep,name=ports"` 4986} 4987 4988// +k8s:conversion-gen:explicit-from=net/url.Values 4989// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4990 4991// PodProxyOptions is the query options to a Pod's proxy call. 4992type PodProxyOptions struct { 4993 metav1.TypeMeta `json:",inline"` 4994 4995 // Path is the URL path to use for the current proxy request to pod. 4996 // +optional 4997 Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` 4998} 4999 5000// +k8s:conversion-gen:explicit-from=net/url.Values 5001// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5002 5003// NodeProxyOptions is the query options to a Node's proxy call. 5004type NodeProxyOptions struct { 5005 metav1.TypeMeta `json:",inline"` 5006 5007 // Path is the URL path to use for the current proxy request to node. 5008 // +optional 5009 Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` 5010} 5011 5012// +k8s:conversion-gen:explicit-from=net/url.Values 5013// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5014 5015// ServiceProxyOptions is the query options to a Service's proxy call. 5016type ServiceProxyOptions struct { 5017 metav1.TypeMeta `json:",inline"` 5018 5019 // Path is the part of URLs that include service endpoints, suffixes, 5020 // and parameters to use for the current proxy request to service. 5021 // For example, the whole request URL is 5022 // http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. 5023 // Path is _search?q=user:kimchy. 5024 // +optional 5025 Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` 5026} 5027 5028// ObjectReference contains enough information to let you inspect or modify the referred object. 5029// --- 5030// New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 5031// 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 5032// 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular 5033// restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". 5034// Those cannot be well described when embedded. 5035// 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 5036// 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity 5037// during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple 5038// and the version of the actual struct is irrelevant. 5039// 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type 5040// will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. 5041// Instead of using this type, create a locally provided and used type that is well-focused on your reference. 5042// For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . 5043// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5044type ObjectReference struct { 5045 // Kind of the referent. 5046 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5047 // +optional 5048 Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"` 5049 // Namespace of the referent. 5050 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ 5051 // +optional 5052 Namespace string `json:"namespace,omitempty" protobuf:"bytes,2,opt,name=namespace"` 5053 // Name of the referent. 5054 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5055 // +optional 5056 Name string `json:"name,omitempty" protobuf:"bytes,3,opt,name=name"` 5057 // UID of the referent. 5058 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids 5059 // +optional 5060 UID types.UID `json:"uid,omitempty" protobuf:"bytes,4,opt,name=uid,casttype=k8s.io/apimachinery/pkg/types.UID"` 5061 // API version of the referent. 5062 // +optional 5063 APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,5,opt,name=apiVersion"` 5064 // Specific resourceVersion to which this reference is made, if any. 5065 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 5066 // +optional 5067 ResourceVersion string `json:"resourceVersion,omitempty" protobuf:"bytes,6,opt,name=resourceVersion"` 5068 5069 // If referring to a piece of an object instead of an entire object, this string 5070 // should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 5071 // For example, if the object reference is to a container within a pod, this would take on a value like: 5072 // "spec.containers{name}" (where "name" refers to the name of the container that triggered 5073 // the event) or if no container name is specified "spec.containers[2]" (container with 5074 // index 2 in this pod). This syntax is chosen only to have some well-defined way of 5075 // referencing a part of an object. 5076 // TODO: this design is not final and this field is subject to change in the future. 5077 // +optional 5078 FieldPath string `json:"fieldPath,omitempty" protobuf:"bytes,7,opt,name=fieldPath"` 5079} 5080 5081// LocalObjectReference contains enough information to let you locate the 5082// referenced object inside the same namespace. 5083type LocalObjectReference struct { 5084 // Name of the referent. 5085 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5086 // TODO: Add other useful fields. apiVersion, kind, uid? 5087 // +optional 5088 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 5089} 5090 5091// TypedLocalObjectReference contains enough information to let you locate the 5092// typed referenced object inside the same namespace. 5093type TypedLocalObjectReference struct { 5094 // APIGroup is the group for the resource being referenced. 5095 // If APIGroup is not specified, the specified Kind must be in the core API group. 5096 // For any other third-party types, APIGroup is required. 5097 // +optional 5098 APIGroup *string `json:"apiGroup" protobuf:"bytes,1,opt,name=apiGroup"` 5099 // Kind is the type of resource being referenced 5100 Kind string `json:"kind" protobuf:"bytes,2,opt,name=kind"` 5101 // Name is the name of resource being referenced 5102 Name string `json:"name" protobuf:"bytes,3,opt,name=name"` 5103} 5104 5105// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5106 5107// SerializedReference is a reference to serialized object. 5108type SerializedReference struct { 5109 metav1.TypeMeta `json:",inline"` 5110 // The reference to an object in the system. 5111 // +optional 5112 Reference ObjectReference `json:"reference,omitempty" protobuf:"bytes,1,opt,name=reference"` 5113} 5114 5115// EventSource contains information for an event. 5116type EventSource struct { 5117 // Component from which the event is generated. 5118 // +optional 5119 Component string `json:"component,omitempty" protobuf:"bytes,1,opt,name=component"` 5120 // Node name on which the event is generated. 5121 // +optional 5122 Host string `json:"host,omitempty" protobuf:"bytes,2,opt,name=host"` 5123} 5124 5125// Valid values for event types (new types could be added in future) 5126const ( 5127 // Information only and will not cause any problems 5128 EventTypeNormal string = "Normal" 5129 // These events are to warn that something might go wrong 5130 EventTypeWarning string = "Warning" 5131) 5132 5133// +genclient 5134// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5135 5136// Event is a report of an event somewhere in the cluster. 5137type Event struct { 5138 metav1.TypeMeta `json:",inline"` 5139 // Standard object's metadata. 5140 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5141 metav1.ObjectMeta `json:"metadata" protobuf:"bytes,1,opt,name=metadata"` 5142 5143 // The object that this event is about. 5144 InvolvedObject ObjectReference `json:"involvedObject" protobuf:"bytes,2,opt,name=involvedObject"` 5145 5146 // This should be a short, machine understandable string that gives the reason 5147 // for the transition into the object's current status. 5148 // TODO: provide exact specification for format. 5149 // +optional 5150 Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` 5151 5152 // A human-readable description of the status of this operation. 5153 // TODO: decide on maximum length. 5154 // +optional 5155 Message string `json:"message,omitempty" protobuf:"bytes,4,opt,name=message"` 5156 5157 // The component reporting this event. Should be a short machine understandable string. 5158 // +optional 5159 Source EventSource `json:"source,omitempty" protobuf:"bytes,5,opt,name=source"` 5160 5161 // The time at which the event was first recorded. (Time of server receipt is in TypeMeta.) 5162 // +optional 5163 FirstTimestamp metav1.Time `json:"firstTimestamp,omitempty" protobuf:"bytes,6,opt,name=firstTimestamp"` 5164 5165 // The time at which the most recent occurrence of this event was recorded. 5166 // +optional 5167 LastTimestamp metav1.Time `json:"lastTimestamp,omitempty" protobuf:"bytes,7,opt,name=lastTimestamp"` 5168 5169 // The number of times this event has occurred. 5170 // +optional 5171 Count int32 `json:"count,omitempty" protobuf:"varint,8,opt,name=count"` 5172 5173 // Type of this event (Normal, Warning), new types could be added in the future 5174 // +optional 5175 Type string `json:"type,omitempty" protobuf:"bytes,9,opt,name=type"` 5176 5177 // Time when this Event was first observed. 5178 // +optional 5179 EventTime metav1.MicroTime `json:"eventTime,omitempty" protobuf:"bytes,10,opt,name=eventTime"` 5180 5181 // Data about the Event series this event represents or nil if it's a singleton Event. 5182 // +optional 5183 Series *EventSeries `json:"series,omitempty" protobuf:"bytes,11,opt,name=series"` 5184 5185 // What action was taken/failed regarding to the Regarding object. 5186 // +optional 5187 Action string `json:"action,omitempty" protobuf:"bytes,12,opt,name=action"` 5188 5189 // Optional secondary object for more complex actions. 5190 // +optional 5191 Related *ObjectReference `json:"related,omitempty" protobuf:"bytes,13,opt,name=related"` 5192 5193 // Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. 5194 // +optional 5195 ReportingController string `json:"reportingComponent" protobuf:"bytes,14,opt,name=reportingComponent"` 5196 5197 // ID of the controller instance, e.g. `kubelet-xyzf`. 5198 // +optional 5199 ReportingInstance string `json:"reportingInstance" protobuf:"bytes,15,opt,name=reportingInstance"` 5200} 5201 5202// EventSeries contain information on series of events, i.e. thing that was/is happening 5203// continuously for some time. 5204type EventSeries struct { 5205 // Number of occurrences in this series up to the last heartbeat time 5206 Count int32 `json:"count,omitempty" protobuf:"varint,1,name=count"` 5207 // Time of the last occurrence observed 5208 LastObservedTime metav1.MicroTime `json:"lastObservedTime,omitempty" protobuf:"bytes,2,name=lastObservedTime"` 5209 // State of this Series: Ongoing or Finished 5210 // Deprecated. Planned removal for 1.18 5211 State EventSeriesState `json:"state,omitempty" protobuf:"bytes,3,name=state"` 5212} 5213 5214type EventSeriesState string 5215 5216const ( 5217 EventSeriesStateOngoing EventSeriesState = "Ongoing" 5218 EventSeriesStateFinished EventSeriesState = "Finished" 5219 EventSeriesStateUnknown EventSeriesState = "Unknown" 5220) 5221 5222// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5223 5224// EventList is a list of events. 5225type EventList struct { 5226 metav1.TypeMeta `json:",inline"` 5227 // Standard list metadata. 5228 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5229 // +optional 5230 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5231 5232 // List of events 5233 Items []Event `json:"items" protobuf:"bytes,2,rep,name=items"` 5234} 5235 5236// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5237 5238// List holds a list of objects, which may not be known by the server. 5239type List metav1.List 5240 5241// LimitType is a type of object that is limited 5242type LimitType string 5243 5244const ( 5245 // Limit that applies to all pods in a namespace 5246 LimitTypePod LimitType = "Pod" 5247 // Limit that applies to all containers in a namespace 5248 LimitTypeContainer LimitType = "Container" 5249 // Limit that applies to all persistent volume claims in a namespace 5250 LimitTypePersistentVolumeClaim LimitType = "PersistentVolumeClaim" 5251) 5252 5253// LimitRangeItem defines a min/max usage limit for any resource that matches on kind. 5254type LimitRangeItem struct { 5255 // Type of resource that this limit applies to. 5256 Type LimitType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=LimitType"` 5257 // Max usage constraints on this kind by resource name. 5258 // +optional 5259 Max ResourceList `json:"max,omitempty" protobuf:"bytes,2,rep,name=max,casttype=ResourceList,castkey=ResourceName"` 5260 // Min usage constraints on this kind by resource name. 5261 // +optional 5262 Min ResourceList `json:"min,omitempty" protobuf:"bytes,3,rep,name=min,casttype=ResourceList,castkey=ResourceName"` 5263 // Default resource requirement limit value by resource name if resource limit is omitted. 5264 // +optional 5265 Default ResourceList `json:"default,omitempty" protobuf:"bytes,4,rep,name=default,casttype=ResourceList,castkey=ResourceName"` 5266 // DefaultRequest is the default resource requirement request value by resource name if resource request is omitted. 5267 // +optional 5268 DefaultRequest ResourceList `json:"defaultRequest,omitempty" protobuf:"bytes,5,rep,name=defaultRequest,casttype=ResourceList,castkey=ResourceName"` 5269 // MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource. 5270 // +optional 5271 MaxLimitRequestRatio ResourceList `json:"maxLimitRequestRatio,omitempty" protobuf:"bytes,6,rep,name=maxLimitRequestRatio,casttype=ResourceList,castkey=ResourceName"` 5272} 5273 5274// LimitRangeSpec defines a min/max usage limit for resources that match on kind. 5275type LimitRangeSpec struct { 5276 // Limits is the list of LimitRangeItem objects that are enforced. 5277 Limits []LimitRangeItem `json:"limits" protobuf:"bytes,1,rep,name=limits"` 5278} 5279 5280// +genclient 5281// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5282 5283// LimitRange sets resource usage limits for each kind of resource in a Namespace. 5284type LimitRange struct { 5285 metav1.TypeMeta `json:",inline"` 5286 // Standard object's metadata. 5287 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5288 // +optional 5289 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5290 5291 // Spec defines the limits enforced. 5292 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 5293 // +optional 5294 Spec LimitRangeSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 5295} 5296 5297// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5298 5299// LimitRangeList is a list of LimitRange items. 5300type LimitRangeList struct { 5301 metav1.TypeMeta `json:",inline"` 5302 // Standard list metadata. 5303 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5304 // +optional 5305 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5306 5307 // Items is a list of LimitRange objects. 5308 // More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ 5309 Items []LimitRange `json:"items" protobuf:"bytes,2,rep,name=items"` 5310} 5311 5312// The following identify resource constants for Kubernetes object types 5313const ( 5314 // Pods, number 5315 ResourcePods ResourceName = "pods" 5316 // Services, number 5317 ResourceServices ResourceName = "services" 5318 // ReplicationControllers, number 5319 ResourceReplicationControllers ResourceName = "replicationcontrollers" 5320 // ResourceQuotas, number 5321 ResourceQuotas ResourceName = "resourcequotas" 5322 // ResourceSecrets, number 5323 ResourceSecrets ResourceName = "secrets" 5324 // ResourceConfigMaps, number 5325 ResourceConfigMaps ResourceName = "configmaps" 5326 // ResourcePersistentVolumeClaims, number 5327 ResourcePersistentVolumeClaims ResourceName = "persistentvolumeclaims" 5328 // ResourceServicesNodePorts, number 5329 ResourceServicesNodePorts ResourceName = "services.nodeports" 5330 // ResourceServicesLoadBalancers, number 5331 ResourceServicesLoadBalancers ResourceName = "services.loadbalancers" 5332 // CPU request, in cores. (500m = .5 cores) 5333 ResourceRequestsCPU ResourceName = "requests.cpu" 5334 // Memory request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5335 ResourceRequestsMemory ResourceName = "requests.memory" 5336 // Storage request, in bytes 5337 ResourceRequestsStorage ResourceName = "requests.storage" 5338 // Local ephemeral storage request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5339 ResourceRequestsEphemeralStorage ResourceName = "requests.ephemeral-storage" 5340 // CPU limit, in cores. (500m = .5 cores) 5341 ResourceLimitsCPU ResourceName = "limits.cpu" 5342 // Memory limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5343 ResourceLimitsMemory ResourceName = "limits.memory" 5344 // Local ephemeral storage limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5345 ResourceLimitsEphemeralStorage ResourceName = "limits.ephemeral-storage" 5346) 5347 5348// The following identify resource prefix for Kubernetes object types 5349const ( 5350 // HugePages request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5351 // As burst is not supported for HugePages, we would only quota its request, and ignore the limit. 5352 ResourceRequestsHugePagesPrefix = "requests.hugepages-" 5353 // Default resource requests prefix 5354 DefaultResourceRequestsPrefix = "requests." 5355) 5356 5357// A ResourceQuotaScope defines a filter that must match each object tracked by a quota 5358type ResourceQuotaScope string 5359 5360const ( 5361 // Match all pod objects where spec.activeDeadlineSeconds 5362 ResourceQuotaScopeTerminating ResourceQuotaScope = "Terminating" 5363 // Match all pod objects where !spec.activeDeadlineSeconds 5364 ResourceQuotaScopeNotTerminating ResourceQuotaScope = "NotTerminating" 5365 // Match all pod objects that have best effort quality of service 5366 ResourceQuotaScopeBestEffort ResourceQuotaScope = "BestEffort" 5367 // Match all pod objects that do not have best effort quality of service 5368 ResourceQuotaScopeNotBestEffort ResourceQuotaScope = "NotBestEffort" 5369 // Match all pod objects that have priority class mentioned 5370 ResourceQuotaScopePriorityClass ResourceQuotaScope = "PriorityClass" 5371) 5372 5373// ResourceQuotaSpec defines the desired hard limits to enforce for Quota. 5374type ResourceQuotaSpec struct { 5375 // hard is the set of desired hard limits for each named resource. 5376 // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/ 5377 // +optional 5378 Hard ResourceList `json:"hard,omitempty" protobuf:"bytes,1,rep,name=hard,casttype=ResourceList,castkey=ResourceName"` 5379 // A collection of filters that must match each object tracked by a quota. 5380 // If not specified, the quota matches all objects. 5381 // +optional 5382 Scopes []ResourceQuotaScope `json:"scopes,omitempty" protobuf:"bytes,2,rep,name=scopes,casttype=ResourceQuotaScope"` 5383 // scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota 5384 // but expressed using ScopeSelectorOperator in combination with possible values. 5385 // For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched. 5386 // +optional 5387 ScopeSelector *ScopeSelector `json:"scopeSelector,omitempty" protobuf:"bytes,3,opt,name=scopeSelector"` 5388} 5389 5390// A scope selector represents the AND of the selectors represented 5391// by the scoped-resource selector requirements. 5392type ScopeSelector struct { 5393 // A list of scope selector requirements by scope of the resources. 5394 // +optional 5395 MatchExpressions []ScopedResourceSelectorRequirement `json:"matchExpressions,omitempty" protobuf:"bytes,1,rep,name=matchExpressions"` 5396} 5397 5398// A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator 5399// that relates the scope name and values. 5400type ScopedResourceSelectorRequirement struct { 5401 // The name of the scope that the selector applies to. 5402 ScopeName ResourceQuotaScope `json:"scopeName" protobuf:"bytes,1,opt,name=scopeName"` 5403 // Represents a scope's relationship to a set of values. 5404 // Valid operators are In, NotIn, Exists, DoesNotExist. 5405 Operator ScopeSelectorOperator `json:"operator" protobuf:"bytes,2,opt,name=operator,casttype=ScopedResourceSelectorOperator"` 5406 // An array of string values. If the operator is In or NotIn, 5407 // the values array must be non-empty. If the operator is Exists or DoesNotExist, 5408 // the values array must be empty. 5409 // This array is replaced during a strategic merge patch. 5410 // +optional 5411 Values []string `json:"values,omitempty" protobuf:"bytes,3,rep,name=values"` 5412} 5413 5414// A scope selector operator is the set of operators that can be used in 5415// a scope selector requirement. 5416type ScopeSelectorOperator string 5417 5418const ( 5419 ScopeSelectorOpIn ScopeSelectorOperator = "In" 5420 ScopeSelectorOpNotIn ScopeSelectorOperator = "NotIn" 5421 ScopeSelectorOpExists ScopeSelectorOperator = "Exists" 5422 ScopeSelectorOpDoesNotExist ScopeSelectorOperator = "DoesNotExist" 5423) 5424 5425// ResourceQuotaStatus defines the enforced hard limits and observed use. 5426type ResourceQuotaStatus struct { 5427 // Hard is the set of enforced hard limits for each named resource. 5428 // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/ 5429 // +optional 5430 Hard ResourceList `json:"hard,omitempty" protobuf:"bytes,1,rep,name=hard,casttype=ResourceList,castkey=ResourceName"` 5431 // Used is the current observed total usage of the resource in the namespace. 5432 // +optional 5433 Used ResourceList `json:"used,omitempty" protobuf:"bytes,2,rep,name=used,casttype=ResourceList,castkey=ResourceName"` 5434} 5435 5436// +genclient 5437// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5438 5439// ResourceQuota sets aggregate quota restrictions enforced per namespace 5440type ResourceQuota struct { 5441 metav1.TypeMeta `json:",inline"` 5442 // Standard object's metadata. 5443 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5444 // +optional 5445 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5446 5447 // Spec defines the desired quota. 5448 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 5449 // +optional 5450 Spec ResourceQuotaSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 5451 5452 // Status defines the actual enforced quota and its current usage. 5453 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 5454 // +optional 5455 Status ResourceQuotaStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 5456} 5457 5458// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5459 5460// ResourceQuotaList is a list of ResourceQuota items. 5461type ResourceQuotaList struct { 5462 metav1.TypeMeta `json:",inline"` 5463 // Standard list metadata. 5464 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5465 // +optional 5466 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5467 5468 // Items is a list of ResourceQuota objects. 5469 // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/ 5470 Items []ResourceQuota `json:"items" protobuf:"bytes,2,rep,name=items"` 5471} 5472 5473// +genclient 5474// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5475 5476// Secret holds secret data of a certain type. The total bytes of the values in 5477// the Data field must be less than MaxSecretSize bytes. 5478type Secret struct { 5479 metav1.TypeMeta `json:",inline"` 5480 // Standard object's metadata. 5481 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5482 // +optional 5483 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5484 5485 // Immutable, if set to true, ensures that data stored in the Secret cannot 5486 // be updated (only object metadata can be modified). 5487 // If not set to true, the field can be modified at any time. 5488 // Defaulted to nil. 5489 // This is an alpha field enabled by ImmutableEphemeralVolumes feature gate. 5490 // +optional 5491 Immutable *bool `json:"immutable,omitempty" protobuf:"varint,5,opt,name=immutable"` 5492 5493 // Data contains the secret data. Each key must consist of alphanumeric 5494 // characters, '-', '_' or '.'. The serialized form of the secret data is a 5495 // base64 encoded string, representing the arbitrary (possibly non-string) 5496 // data value here. Described in https://tools.ietf.org/html/rfc4648#section-4 5497 // +optional 5498 Data map[string][]byte `json:"data,omitempty" protobuf:"bytes,2,rep,name=data"` 5499 5500 // stringData allows specifying non-binary secret data in string form. 5501 // It is provided as a write-only convenience method. 5502 // All keys and values are merged into the data field on write, overwriting any existing values. 5503 // It is never output when reading from the API. 5504 // +k8s:conversion-gen=false 5505 // +optional 5506 StringData map[string]string `json:"stringData,omitempty" protobuf:"bytes,4,rep,name=stringData"` 5507 5508 // Used to facilitate programmatic handling of secret data. 5509 // +optional 5510 Type SecretType `json:"type,omitempty" protobuf:"bytes,3,opt,name=type,casttype=SecretType"` 5511} 5512 5513const MaxSecretSize = 1 * 1024 * 1024 5514 5515type SecretType string 5516 5517const ( 5518 // SecretTypeOpaque is the default. Arbitrary user-defined data 5519 SecretTypeOpaque SecretType = "Opaque" 5520 5521 // SecretTypeServiceAccountToken contains a token that identifies a service account to the API 5522 // 5523 // Required fields: 5524 // - Secret.Annotations["kubernetes.io/service-account.name"] - the name of the ServiceAccount the token identifies 5525 // - Secret.Annotations["kubernetes.io/service-account.uid"] - the UID of the ServiceAccount the token identifies 5526 // - Secret.Data["token"] - a token that identifies the service account to the API 5527 SecretTypeServiceAccountToken SecretType = "kubernetes.io/service-account-token" 5528 5529 // ServiceAccountNameKey is the key of the required annotation for SecretTypeServiceAccountToken secrets 5530 ServiceAccountNameKey = "kubernetes.io/service-account.name" 5531 // ServiceAccountUIDKey is the key of the required annotation for SecretTypeServiceAccountToken secrets 5532 ServiceAccountUIDKey = "kubernetes.io/service-account.uid" 5533 // ServiceAccountTokenKey is the key of the required data for SecretTypeServiceAccountToken secrets 5534 ServiceAccountTokenKey = "token" 5535 // ServiceAccountKubeconfigKey is the key of the optional kubeconfig data for SecretTypeServiceAccountToken secrets 5536 ServiceAccountKubeconfigKey = "kubernetes.kubeconfig" 5537 // ServiceAccountRootCAKey is the key of the optional root certificate authority for SecretTypeServiceAccountToken secrets 5538 ServiceAccountRootCAKey = "ca.crt" 5539 // ServiceAccountNamespaceKey is the key of the optional namespace to use as the default for namespaced API calls 5540 ServiceAccountNamespaceKey = "namespace" 5541 5542 // SecretTypeDockercfg contains a dockercfg file that follows the same format rules as ~/.dockercfg 5543 // 5544 // Required fields: 5545 // - Secret.Data[".dockercfg"] - a serialized ~/.dockercfg file 5546 SecretTypeDockercfg SecretType = "kubernetes.io/dockercfg" 5547 5548 // DockerConfigKey is the key of the required data for SecretTypeDockercfg secrets 5549 DockerConfigKey = ".dockercfg" 5550 5551 // SecretTypeDockerConfigJson contains a dockercfg file that follows the same format rules as ~/.docker/config.json 5552 // 5553 // Required fields: 5554 // - Secret.Data[".dockerconfigjson"] - a serialized ~/.docker/config.json file 5555 SecretTypeDockerConfigJson SecretType = "kubernetes.io/dockerconfigjson" 5556 5557 // DockerConfigJsonKey is the key of the required data for SecretTypeDockerConfigJson secrets 5558 DockerConfigJsonKey = ".dockerconfigjson" 5559 5560 // SecretTypeBasicAuth contains data needed for basic authentication. 5561 // 5562 // Required at least one of fields: 5563 // - Secret.Data["username"] - username used for authentication 5564 // - Secret.Data["password"] - password or token needed for authentication 5565 SecretTypeBasicAuth SecretType = "kubernetes.io/basic-auth" 5566 5567 // BasicAuthUsernameKey is the key of the username for SecretTypeBasicAuth secrets 5568 BasicAuthUsernameKey = "username" 5569 // BasicAuthPasswordKey is the key of the password or token for SecretTypeBasicAuth secrets 5570 BasicAuthPasswordKey = "password" 5571 5572 // SecretTypeSSHAuth contains data needed for SSH authetication. 5573 // 5574 // Required field: 5575 // - Secret.Data["ssh-privatekey"] - private SSH key needed for authentication 5576 SecretTypeSSHAuth SecretType = "kubernetes.io/ssh-auth" 5577 5578 // SSHAuthPrivateKey is the key of the required SSH private key for SecretTypeSSHAuth secrets 5579 SSHAuthPrivateKey = "ssh-privatekey" 5580 // SecretTypeTLS contains information about a TLS client or server secret. It 5581 // is primarily used with TLS termination of the Ingress resource, but may be 5582 // used in other types. 5583 // 5584 // Required fields: 5585 // - Secret.Data["tls.key"] - TLS private key. 5586 // Secret.Data["tls.crt"] - TLS certificate. 5587 // TODO: Consider supporting different formats, specifying CA/destinationCA. 5588 SecretTypeTLS SecretType = "kubernetes.io/tls" 5589 5590 // TLSCertKey is the key for tls certificates in a TLS secert. 5591 TLSCertKey = "tls.crt" 5592 // TLSPrivateKeyKey is the key for the private key field in a TLS secret. 5593 TLSPrivateKeyKey = "tls.key" 5594 // SecretTypeBootstrapToken is used during the automated bootstrap process (first 5595 // implemented by kubeadm). It stores tokens that are used to sign well known 5596 // ConfigMaps. They are used for authn. 5597 SecretTypeBootstrapToken SecretType = "bootstrap.kubernetes.io/token" 5598) 5599 5600// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5601 5602// SecretList is a list of Secret. 5603type SecretList struct { 5604 metav1.TypeMeta `json:",inline"` 5605 // Standard list metadata. 5606 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5607 // +optional 5608 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5609 5610 // Items is a list of secret objects. 5611 // More info: https://kubernetes.io/docs/concepts/configuration/secret 5612 Items []Secret `json:"items" protobuf:"bytes,2,rep,name=items"` 5613} 5614 5615// +genclient 5616// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5617 5618// ConfigMap holds configuration data for pods to consume. 5619type ConfigMap struct { 5620 metav1.TypeMeta `json:",inline"` 5621 // Standard object's metadata. 5622 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5623 // +optional 5624 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5625 5626 // Immutable, if set to true, ensures that data stored in the ConfigMap cannot 5627 // be updated (only object metadata can be modified). 5628 // If not set to true, the field can be modified at any time. 5629 // Defaulted to nil. 5630 // This is an alpha field enabled by ImmutableEphemeralVolumes feature gate. 5631 // +optional 5632 Immutable *bool `json:"immutable,omitempty" protobuf:"varint,4,opt,name=immutable"` 5633 5634 // Data contains the configuration data. 5635 // Each key must consist of alphanumeric characters, '-', '_' or '.'. 5636 // Values with non-UTF-8 byte sequences must use the BinaryData field. 5637 // The keys stored in Data must not overlap with the keys in 5638 // the BinaryData field, this is enforced during validation process. 5639 // +optional 5640 Data map[string]string `json:"data,omitempty" protobuf:"bytes,2,rep,name=data"` 5641 5642 // BinaryData contains the binary data. 5643 // Each key must consist of alphanumeric characters, '-', '_' or '.'. 5644 // BinaryData can contain byte sequences that are not in the UTF-8 range. 5645 // The keys stored in BinaryData must not overlap with the ones in 5646 // the Data field, this is enforced during validation process. 5647 // Using this field will require 1.10+ apiserver and 5648 // kubelet. 5649 // +optional 5650 BinaryData map[string][]byte `json:"binaryData,omitempty" protobuf:"bytes,3,rep,name=binaryData"` 5651} 5652 5653// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5654 5655// ConfigMapList is a resource containing a list of ConfigMap objects. 5656type ConfigMapList struct { 5657 metav1.TypeMeta `json:",inline"` 5658 5659 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5660 // +optional 5661 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5662 5663 // Items is the list of ConfigMaps. 5664 Items []ConfigMap `json:"items" protobuf:"bytes,2,rep,name=items"` 5665} 5666 5667// Type and constants for component health validation. 5668type ComponentConditionType string 5669 5670// These are the valid conditions for the component. 5671const ( 5672 ComponentHealthy ComponentConditionType = "Healthy" 5673) 5674 5675// Information about the condition of a component. 5676type ComponentCondition struct { 5677 // Type of condition for a component. 5678 // Valid value: "Healthy" 5679 Type ComponentConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=ComponentConditionType"` 5680 // Status of the condition for a component. 5681 // Valid values for "Healthy": "True", "False", or "Unknown". 5682 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 5683 // Message about the condition for a component. 5684 // For example, information about a health check. 5685 // +optional 5686 Message string `json:"message,omitempty" protobuf:"bytes,3,opt,name=message"` 5687 // Condition error code for a component. 5688 // For example, a health check error code. 5689 // +optional 5690 Error string `json:"error,omitempty" protobuf:"bytes,4,opt,name=error"` 5691} 5692 5693// +genclient 5694// +genclient:nonNamespaced 5695// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5696 5697// ComponentStatus (and ComponentStatusList) holds the cluster validation info. 5698type ComponentStatus struct { 5699 metav1.TypeMeta `json:",inline"` 5700 // Standard object's metadata. 5701 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5702 // +optional 5703 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5704 5705 // List of component conditions observed 5706 // +optional 5707 // +patchMergeKey=type 5708 // +patchStrategy=merge 5709 Conditions []ComponentCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"` 5710} 5711 5712// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5713 5714// Status of all the conditions for the component as a list of ComponentStatus objects. 5715type ComponentStatusList struct { 5716 metav1.TypeMeta `json:",inline"` 5717 // Standard list metadata. 5718 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5719 // +optional 5720 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5721 5722 // List of ComponentStatus objects. 5723 Items []ComponentStatus `json:"items" protobuf:"bytes,2,rep,name=items"` 5724} 5725 5726// DownwardAPIVolumeSource represents a volume containing downward API info. 5727// Downward API volumes support ownership management and SELinux relabeling. 5728type DownwardAPIVolumeSource struct { 5729 // Items is a list of downward API volume file 5730 // +optional 5731 Items []DownwardAPIVolumeFile `json:"items,omitempty" protobuf:"bytes,1,rep,name=items"` 5732 // Optional: mode bits to use on created files by default. Must be a 5733 // value between 0 and 0777. Defaults to 0644. 5734 // Directories within the path are not affected by this setting. 5735 // This might be in conflict with other options that affect the file 5736 // mode, like fsGroup, and the result can be other mode bits set. 5737 // +optional 5738 DefaultMode *int32 `json:"defaultMode,omitempty" protobuf:"varint,2,opt,name=defaultMode"` 5739} 5740 5741const ( 5742 DownwardAPIVolumeSourceDefaultMode int32 = 0644 5743) 5744 5745// DownwardAPIVolumeFile represents information to create the file containing the pod field 5746type DownwardAPIVolumeFile struct { 5747 // Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' 5748 Path string `json:"path" protobuf:"bytes,1,opt,name=path"` 5749 // Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. 5750 // +optional 5751 FieldRef *ObjectFieldSelector `json:"fieldRef,omitempty" protobuf:"bytes,2,opt,name=fieldRef"` 5752 // Selects a resource of the container: only resources limits and requests 5753 // (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. 5754 // +optional 5755 ResourceFieldRef *ResourceFieldSelector `json:"resourceFieldRef,omitempty" protobuf:"bytes,3,opt,name=resourceFieldRef"` 5756 // Optional: mode bits to use on this file, must be a value between 0 5757 // and 0777. If not specified, the volume defaultMode will be used. 5758 // This might be in conflict with other options that affect the file 5759 // mode, like fsGroup, and the result can be other mode bits set. 5760 // +optional 5761 Mode *int32 `json:"mode,omitempty" protobuf:"varint,4,opt,name=mode"` 5762} 5763 5764// Represents downward API info for projecting into a projected volume. 5765// Note that this is identical to a downwardAPI volume source without the default 5766// mode. 5767type DownwardAPIProjection struct { 5768 // Items is a list of DownwardAPIVolume file 5769 // +optional 5770 Items []DownwardAPIVolumeFile `json:"items,omitempty" protobuf:"bytes,1,rep,name=items"` 5771} 5772 5773// SecurityContext holds security configuration that will be applied to a container. 5774// Some fields are present in both SecurityContext and PodSecurityContext. When both 5775// are set, the values in SecurityContext take precedence. 5776type SecurityContext struct { 5777 // The capabilities to add/drop when running containers. 5778 // Defaults to the default set of capabilities granted by the container runtime. 5779 // +optional 5780 Capabilities *Capabilities `json:"capabilities,omitempty" protobuf:"bytes,1,opt,name=capabilities"` 5781 // Run container in privileged mode. 5782 // Processes in privileged containers are essentially equivalent to root on the host. 5783 // Defaults to false. 5784 // +optional 5785 Privileged *bool `json:"privileged,omitempty" protobuf:"varint,2,opt,name=privileged"` 5786 // The SELinux context to be applied to the container. 5787 // If unspecified, the container runtime will allocate a random SELinux context for each 5788 // container. May also be set in PodSecurityContext. If set in both SecurityContext and 5789 // PodSecurityContext, the value specified in SecurityContext takes precedence. 5790 // +optional 5791 SELinuxOptions *SELinuxOptions `json:"seLinuxOptions,omitempty" protobuf:"bytes,3,opt,name=seLinuxOptions"` 5792 // The Windows specific settings applied to all containers. 5793 // If unspecified, the options from the PodSecurityContext will be used. 5794 // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 5795 // +optional 5796 WindowsOptions *WindowsSecurityContextOptions `json:"windowsOptions,omitempty" protobuf:"bytes,10,opt,name=windowsOptions"` 5797 // The UID to run the entrypoint of the container process. 5798 // Defaults to user specified in image metadata if unspecified. 5799 // May also be set in PodSecurityContext. If set in both SecurityContext and 5800 // PodSecurityContext, the value specified in SecurityContext takes precedence. 5801 // +optional 5802 RunAsUser *int64 `json:"runAsUser,omitempty" protobuf:"varint,4,opt,name=runAsUser"` 5803 // The GID to run the entrypoint of the container process. 5804 // Uses runtime default if unset. 5805 // May also be set in PodSecurityContext. If set in both SecurityContext and 5806 // PodSecurityContext, the value specified in SecurityContext takes precedence. 5807 // +optional 5808 RunAsGroup *int64 `json:"runAsGroup,omitempty" protobuf:"varint,8,opt,name=runAsGroup"` 5809 // Indicates that the container must run as a non-root user. 5810 // If true, the Kubelet will validate the image at runtime to ensure that it 5811 // does not run as UID 0 (root) and fail to start the container if it does. 5812 // If unset or false, no such validation will be performed. 5813 // May also be set in PodSecurityContext. If set in both SecurityContext and 5814 // PodSecurityContext, the value specified in SecurityContext takes precedence. 5815 // +optional 5816 RunAsNonRoot *bool `json:"runAsNonRoot,omitempty" protobuf:"varint,5,opt,name=runAsNonRoot"` 5817 // Whether this container has a read-only root filesystem. 5818 // Default is false. 5819 // +optional 5820 ReadOnlyRootFilesystem *bool `json:"readOnlyRootFilesystem,omitempty" protobuf:"varint,6,opt,name=readOnlyRootFilesystem"` 5821 // AllowPrivilegeEscalation controls whether a process can gain more 5822 // privileges than its parent process. This bool directly controls if 5823 // the no_new_privs flag will be set on the container process. 5824 // AllowPrivilegeEscalation is true always when the container is: 5825 // 1) run as Privileged 5826 // 2) has CAP_SYS_ADMIN 5827 // +optional 5828 AllowPrivilegeEscalation *bool `json:"allowPrivilegeEscalation,omitempty" protobuf:"varint,7,opt,name=allowPrivilegeEscalation"` 5829 // procMount denotes the type of proc mount to use for the containers. 5830 // The default is DefaultProcMount which uses the container runtime defaults for 5831 // readonly paths and masked paths. 5832 // This requires the ProcMountType feature flag to be enabled. 5833 // +optional 5834 ProcMount *ProcMountType `json:"procMount,omitempty" protobuf:"bytes,9,opt,name=procMount"` 5835} 5836 5837type ProcMountType string 5838 5839const ( 5840 // DefaultProcMount uses the container runtime defaults for readonly and masked 5841 // paths for /proc. Most container runtimes mask certain paths in /proc to avoid 5842 // accidental security exposure of special devices or information. 5843 DefaultProcMount ProcMountType = "Default" 5844 5845 // UnmaskedProcMount bypasses the default masking behavior of the container 5846 // runtime and ensures the newly created /proc the container stays in tact with 5847 // no modifications. 5848 UnmaskedProcMount ProcMountType = "Unmasked" 5849) 5850 5851// SELinuxOptions are the labels to be applied to the container 5852type SELinuxOptions struct { 5853 // User is a SELinux user label that applies to the container. 5854 // +optional 5855 User string `json:"user,omitempty" protobuf:"bytes,1,opt,name=user"` 5856 // Role is a SELinux role label that applies to the container. 5857 // +optional 5858 Role string `json:"role,omitempty" protobuf:"bytes,2,opt,name=role"` 5859 // Type is a SELinux type label that applies to the container. 5860 // +optional 5861 Type string `json:"type,omitempty" protobuf:"bytes,3,opt,name=type"` 5862 // Level is SELinux level label that applies to the container. 5863 // +optional 5864 Level string `json:"level,omitempty" protobuf:"bytes,4,opt,name=level"` 5865} 5866 5867// WindowsSecurityContextOptions contain Windows-specific options and credentials. 5868type WindowsSecurityContextOptions struct { 5869 // GMSACredentialSpecName is the name of the GMSA credential spec to use. 5870 // +optional 5871 GMSACredentialSpecName *string `json:"gmsaCredentialSpecName,omitempty" protobuf:"bytes,1,opt,name=gmsaCredentialSpecName"` 5872 5873 // GMSACredentialSpec is where the GMSA admission webhook 5874 // (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the 5875 // GMSA credential spec named by the GMSACredentialSpecName field. 5876 // +optional 5877 GMSACredentialSpec *string `json:"gmsaCredentialSpec,omitempty" protobuf:"bytes,2,opt,name=gmsaCredentialSpec"` 5878 5879 // The UserName in Windows to run the entrypoint of the container process. 5880 // Defaults to the user specified in image metadata if unspecified. 5881 // May also be set in PodSecurityContext. If set in both SecurityContext and 5882 // PodSecurityContext, the value specified in SecurityContext takes precedence. 5883 // +optional 5884 RunAsUserName *string `json:"runAsUserName,omitempty" protobuf:"bytes,3,opt,name=runAsUserName"` 5885} 5886 5887// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5888 5889// RangeAllocation is not a public type. 5890type RangeAllocation struct { 5891 metav1.TypeMeta `json:",inline"` 5892 // Standard object's metadata. 5893 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5894 // +optional 5895 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5896 5897 // Range is string that identifies the range represented by 'data'. 5898 Range string `json:"range" protobuf:"bytes,2,opt,name=range"` 5899 // Data is a bit array containing all allocated addresses in the previous segment. 5900 Data []byte `json:"data" protobuf:"bytes,3,opt,name=data"` 5901} 5902 5903const ( 5904 // "default-scheduler" is the name of default scheduler. 5905 DefaultSchedulerName = "default-scheduler" 5906 5907 // RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule 5908 // corresponding to every RequiredDuringScheduling affinity rule. 5909 // When the --hard-pod-affinity-weight scheduler flag is not specified, 5910 // DefaultHardPodAffinityWeight defines the weight of the implicit PreferredDuringScheduling affinity rule. 5911 DefaultHardPodAffinitySymmetricWeight int32 = 1 5912) 5913 5914// Sysctl defines a kernel parameter to be set 5915type Sysctl struct { 5916 // Name of a property to set 5917 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 5918 // Value of a property to set 5919 Value string `json:"value" protobuf:"bytes,2,opt,name=value"` 5920} 5921 5922// NodeResources is an object for conveying resource information about a node. 5923// see http://releases.k8s.io/HEAD/docs/design/resources.md for more details. 5924type NodeResources struct { 5925 // Capacity represents the available resources of a node 5926 Capacity ResourceList `protobuf:"bytes,1,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"` 5927} 5928 5929const ( 5930 // Enable stdin for remote command execution 5931 ExecStdinParam = "input" 5932 // Enable stdout for remote command execution 5933 ExecStdoutParam = "output" 5934 // Enable stderr for remote command execution 5935 ExecStderrParam = "error" 5936 // Enable TTY for remote command execution 5937 ExecTTYParam = "tty" 5938 // Command to run for remote command execution 5939 ExecCommandParam = "command" 5940 5941 // Name of header that specifies stream type 5942 StreamType = "streamType" 5943 // Value for streamType header for stdin stream 5944 StreamTypeStdin = "stdin" 5945 // Value for streamType header for stdout stream 5946 StreamTypeStdout = "stdout" 5947 // Value for streamType header for stderr stream 5948 StreamTypeStderr = "stderr" 5949 // Value for streamType header for data stream 5950 StreamTypeData = "data" 5951 // Value for streamType header for error stream 5952 StreamTypeError = "error" 5953 // Value for streamType header for terminal resize stream 5954 StreamTypeResize = "resize" 5955 5956 // Name of header that specifies the port being forwarded 5957 PortHeader = "port" 5958 // Name of header that specifies a request ID used to associate the error 5959 // and data streams for a single forwarded connection 5960 PortForwardRequestIDHeader = "requestID" 5961) 5962