1/* 2Copyright 2015 The Kubernetes Authors. 3 4Licensed under the Apache License, Version 2.0 (the "License"); 5you may not use this file except in compliance with the License. 6You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10Unless required by applicable law or agreed to in writing, software 11distributed under the License is distributed on an "AS IS" BASIS, 12WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13See the License for the specific language governing permissions and 14limitations under the License. 15*/ 16 17package v1 18 19import ( 20 "k8s.io/apimachinery/pkg/api/resource" 21 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 "k8s.io/apimachinery/pkg/types" 23 "k8s.io/apimachinery/pkg/util/intstr" 24) 25 26const ( 27 // NamespaceDefault means the object is in the default namespace which is applied when not specified by clients 28 NamespaceDefault string = "default" 29 // NamespaceAll is the default argument to specify on a context when you want to list or filter resources across all namespaces 30 NamespaceAll string = "" 31 // NamespaceNodeLease is the namespace where we place node lease objects (used for node heartbeats) 32 NamespaceNodeLease string = "kube-node-lease" 33 // TopologyKeyAny is the service topology key that matches any node 34 TopologyKeyAny string = "*" 35) 36 37// Volume represents a named volume in a pod that may be accessed by any container in the pod. 38type Volume struct { 39 // Volume's name. 40 // Must be a DNS_LABEL and unique within the pod. 41 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 42 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 43 // VolumeSource represents the location and type of the mounted volume. 44 // If not specified, the Volume is implied to be an EmptyDir. 45 // This implied behavior is deprecated and will be removed in a future version. 46 VolumeSource `json:",inline" protobuf:"bytes,2,opt,name=volumeSource"` 47} 48 49// Represents the source of a volume to mount. 50// Only one of its members may be specified. 51type VolumeSource struct { 52 // HostPath represents a pre-existing file or directory on the host 53 // machine that is directly exposed to the container. This is generally 54 // used for system agents or other privileged things that are allowed 55 // to see the host machine. Most containers will NOT need this. 56 // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 57 // --- 58 // TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not 59 // mount host directories as read/write. 60 // +optional 61 HostPath *HostPathVolumeSource `json:"hostPath,omitempty" protobuf:"bytes,1,opt,name=hostPath"` 62 // EmptyDir represents a temporary directory that shares a pod's lifetime. 63 // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir 64 // +optional 65 EmptyDir *EmptyDirVolumeSource `json:"emptyDir,omitempty" protobuf:"bytes,2,opt,name=emptyDir"` 66 // GCEPersistentDisk represents a GCE Disk resource that is attached to a 67 // kubelet's host machine and then exposed to the pod. 68 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 69 // +optional 70 GCEPersistentDisk *GCEPersistentDiskVolumeSource `json:"gcePersistentDisk,omitempty" protobuf:"bytes,3,opt,name=gcePersistentDisk"` 71 // AWSElasticBlockStore represents an AWS Disk resource that is attached to a 72 // kubelet's host machine and then exposed to the pod. 73 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 74 // +optional 75 AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource `json:"awsElasticBlockStore,omitempty" protobuf:"bytes,4,opt,name=awsElasticBlockStore"` 76 // GitRepo represents a git repository at a particular revision. 77 // DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an 78 // EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir 79 // into the Pod's container. 80 // +optional 81 GitRepo *GitRepoVolumeSource `json:"gitRepo,omitempty" protobuf:"bytes,5,opt,name=gitRepo"` 82 // Secret represents a secret that should populate this volume. 83 // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret 84 // +optional 85 Secret *SecretVolumeSource `json:"secret,omitempty" protobuf:"bytes,6,opt,name=secret"` 86 // NFS represents an NFS mount on the host that shares a pod's lifetime 87 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 88 // +optional 89 NFS *NFSVolumeSource `json:"nfs,omitempty" protobuf:"bytes,7,opt,name=nfs"` 90 // ISCSI represents an ISCSI Disk resource that is attached to a 91 // kubelet's host machine and then exposed to the pod. 92 // More info: https://examples.k8s.io/volumes/iscsi/README.md 93 // +optional 94 ISCSI *ISCSIVolumeSource `json:"iscsi,omitempty" protobuf:"bytes,8,opt,name=iscsi"` 95 // Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. 96 // More info: https://examples.k8s.io/volumes/glusterfs/README.md 97 // +optional 98 Glusterfs *GlusterfsVolumeSource `json:"glusterfs,omitempty" protobuf:"bytes,9,opt,name=glusterfs"` 99 // PersistentVolumeClaimVolumeSource represents a reference to a 100 // PersistentVolumeClaim in the same namespace. 101 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 102 // +optional 103 PersistentVolumeClaim *PersistentVolumeClaimVolumeSource `json:"persistentVolumeClaim,omitempty" protobuf:"bytes,10,opt,name=persistentVolumeClaim"` 104 // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. 105 // More info: https://examples.k8s.io/volumes/rbd/README.md 106 // +optional 107 RBD *RBDVolumeSource `json:"rbd,omitempty" protobuf:"bytes,11,opt,name=rbd"` 108 // FlexVolume represents a generic volume resource that is 109 // provisioned/attached using an exec based plugin. 110 // +optional 111 FlexVolume *FlexVolumeSource `json:"flexVolume,omitempty" protobuf:"bytes,12,opt,name=flexVolume"` 112 // Cinder represents a cinder volume attached and mounted on kubelets host machine. 113 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 114 // +optional 115 Cinder *CinderVolumeSource `json:"cinder,omitempty" protobuf:"bytes,13,opt,name=cinder"` 116 // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime 117 // +optional 118 CephFS *CephFSVolumeSource `json:"cephfs,omitempty" protobuf:"bytes,14,opt,name=cephfs"` 119 // Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running 120 // +optional 121 Flocker *FlockerVolumeSource `json:"flocker,omitempty" protobuf:"bytes,15,opt,name=flocker"` 122 // DownwardAPI represents downward API about the pod that should populate this volume 123 // +optional 124 DownwardAPI *DownwardAPIVolumeSource `json:"downwardAPI,omitempty" protobuf:"bytes,16,opt,name=downwardAPI"` 125 // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. 126 // +optional 127 FC *FCVolumeSource `json:"fc,omitempty" protobuf:"bytes,17,opt,name=fc"` 128 // AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 129 // +optional 130 AzureFile *AzureFileVolumeSource `json:"azureFile,omitempty" protobuf:"bytes,18,opt,name=azureFile"` 131 // ConfigMap represents a configMap that should populate this volume 132 // +optional 133 ConfigMap *ConfigMapVolumeSource `json:"configMap,omitempty" protobuf:"bytes,19,opt,name=configMap"` 134 // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine 135 // +optional 136 VsphereVolume *VsphereVirtualDiskVolumeSource `json:"vsphereVolume,omitempty" protobuf:"bytes,20,opt,name=vsphereVolume"` 137 // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime 138 // +optional 139 Quobyte *QuobyteVolumeSource `json:"quobyte,omitempty" protobuf:"bytes,21,opt,name=quobyte"` 140 // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. 141 // +optional 142 AzureDisk *AzureDiskVolumeSource `json:"azureDisk,omitempty" protobuf:"bytes,22,opt,name=azureDisk"` 143 // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine 144 PhotonPersistentDisk *PhotonPersistentDiskVolumeSource `json:"photonPersistentDisk,omitempty" protobuf:"bytes,23,opt,name=photonPersistentDisk"` 145 // Items for all in one resources secrets, configmaps, and downward API 146 Projected *ProjectedVolumeSource `json:"projected,omitempty" protobuf:"bytes,26,opt,name=projected"` 147 // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine 148 // +optional 149 PortworxVolume *PortworxVolumeSource `json:"portworxVolume,omitempty" protobuf:"bytes,24,opt,name=portworxVolume"` 150 // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. 151 // +optional 152 ScaleIO *ScaleIOVolumeSource `json:"scaleIO,omitempty" protobuf:"bytes,25,opt,name=scaleIO"` 153 // StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. 154 // +optional 155 StorageOS *StorageOSVolumeSource `json:"storageos,omitempty" protobuf:"bytes,27,opt,name=storageos"` 156 // CSI (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). 157 // +optional 158 CSI *CSIVolumeSource `json:"csi,omitempty" protobuf:"bytes,28,opt,name=csi"` 159 // Ephemeral represents a volume that is handled by a cluster storage driver. 160 // The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, 161 // and deleted when the pod is removed. 162 // 163 // Use this if: 164 // a) the volume is only needed while the pod runs, 165 // b) features of normal volumes like restoring from snapshot or capacity 166 // tracking are needed, 167 // c) the storage driver is specified through a storage class, and 168 // d) the storage driver supports dynamic volume provisioning through 169 // a PersistentVolumeClaim (see EphemeralVolumeSource for more 170 // information on the connection between this volume type 171 // and PersistentVolumeClaim). 172 // 173 // Use PersistentVolumeClaim or one of the vendor-specific 174 // APIs for volumes that persist for longer than the lifecycle 175 // of an individual pod. 176 // 177 // Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to 178 // be used that way - see the documentation of the driver for 179 // more information. 180 // 181 // A pod can use both types of ephemeral volumes and 182 // persistent volumes at the same time. 183 // 184 // This is a beta feature and only available when the GenericEphemeralVolume 185 // feature gate is enabled. 186 // 187 // +optional 188 Ephemeral *EphemeralVolumeSource `json:"ephemeral,omitempty" protobuf:"bytes,29,opt,name=ephemeral"` 189} 190 191// PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. 192// This volume finds the bound PV and mounts that volume for the pod. A 193// PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another 194// type of volume that is owned by someone else (the system). 195type PersistentVolumeClaimVolumeSource struct { 196 // ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. 197 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 198 ClaimName string `json:"claimName" protobuf:"bytes,1,opt,name=claimName"` 199 // Will force the ReadOnly setting in VolumeMounts. 200 // Default false. 201 // +optional 202 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"` 203} 204 205// PersistentVolumeSource is similar to VolumeSource but meant for the 206// administrator who creates PVs. Exactly one of its members must be set. 207type PersistentVolumeSource struct { 208 // GCEPersistentDisk represents a GCE Disk resource that is attached to a 209 // kubelet's host machine and then exposed to the pod. Provisioned by an admin. 210 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 211 // +optional 212 GCEPersistentDisk *GCEPersistentDiskVolumeSource `json:"gcePersistentDisk,omitempty" protobuf:"bytes,1,opt,name=gcePersistentDisk"` 213 // AWSElasticBlockStore represents an AWS Disk resource that is attached to a 214 // kubelet's host machine and then exposed to the pod. 215 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 216 // +optional 217 AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource `json:"awsElasticBlockStore,omitempty" protobuf:"bytes,2,opt,name=awsElasticBlockStore"` 218 // HostPath represents a directory on the host. 219 // Provisioned by a developer or tester. 220 // This is useful for single-node development and testing only! 221 // On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. 222 // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 223 // +optional 224 HostPath *HostPathVolumeSource `json:"hostPath,omitempty" protobuf:"bytes,3,opt,name=hostPath"` 225 // Glusterfs represents a Glusterfs volume that is attached to a host and 226 // exposed to the pod. Provisioned by an admin. 227 // More info: https://examples.k8s.io/volumes/glusterfs/README.md 228 // +optional 229 Glusterfs *GlusterfsPersistentVolumeSource `json:"glusterfs,omitempty" protobuf:"bytes,4,opt,name=glusterfs"` 230 // NFS represents an NFS mount on the host. Provisioned by an admin. 231 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 232 // +optional 233 NFS *NFSVolumeSource `json:"nfs,omitempty" protobuf:"bytes,5,opt,name=nfs"` 234 // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. 235 // More info: https://examples.k8s.io/volumes/rbd/README.md 236 // +optional 237 RBD *RBDPersistentVolumeSource `json:"rbd,omitempty" protobuf:"bytes,6,opt,name=rbd"` 238 // ISCSI represents an ISCSI Disk resource that is attached to a 239 // kubelet's host machine and then exposed to the pod. Provisioned by an admin. 240 // +optional 241 ISCSI *ISCSIPersistentVolumeSource `json:"iscsi,omitempty" protobuf:"bytes,7,opt,name=iscsi"` 242 // Cinder represents a cinder volume attached and mounted on kubelets host machine. 243 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 244 // +optional 245 Cinder *CinderPersistentVolumeSource `json:"cinder,omitempty" protobuf:"bytes,8,opt,name=cinder"` 246 // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime 247 // +optional 248 CephFS *CephFSPersistentVolumeSource `json:"cephfs,omitempty" protobuf:"bytes,9,opt,name=cephfs"` 249 // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. 250 // +optional 251 FC *FCVolumeSource `json:"fc,omitempty" protobuf:"bytes,10,opt,name=fc"` 252 // Flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running 253 // +optional 254 Flocker *FlockerVolumeSource `json:"flocker,omitempty" protobuf:"bytes,11,opt,name=flocker"` 255 // FlexVolume represents a generic volume resource that is 256 // provisioned/attached using an exec based plugin. 257 // +optional 258 FlexVolume *FlexPersistentVolumeSource `json:"flexVolume,omitempty" protobuf:"bytes,12,opt,name=flexVolume"` 259 // AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 260 // +optional 261 AzureFile *AzureFilePersistentVolumeSource `json:"azureFile,omitempty" protobuf:"bytes,13,opt,name=azureFile"` 262 // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine 263 // +optional 264 VsphereVolume *VsphereVirtualDiskVolumeSource `json:"vsphereVolume,omitempty" protobuf:"bytes,14,opt,name=vsphereVolume"` 265 // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime 266 // +optional 267 Quobyte *QuobyteVolumeSource `json:"quobyte,omitempty" protobuf:"bytes,15,opt,name=quobyte"` 268 // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. 269 // +optional 270 AzureDisk *AzureDiskVolumeSource `json:"azureDisk,omitempty" protobuf:"bytes,16,opt,name=azureDisk"` 271 // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine 272 PhotonPersistentDisk *PhotonPersistentDiskVolumeSource `json:"photonPersistentDisk,omitempty" protobuf:"bytes,17,opt,name=photonPersistentDisk"` 273 // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine 274 // +optional 275 PortworxVolume *PortworxVolumeSource `json:"portworxVolume,omitempty" protobuf:"bytes,18,opt,name=portworxVolume"` 276 // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. 277 // +optional 278 ScaleIO *ScaleIOPersistentVolumeSource `json:"scaleIO,omitempty" protobuf:"bytes,19,opt,name=scaleIO"` 279 // Local represents directly-attached storage with node affinity 280 // +optional 281 Local *LocalVolumeSource `json:"local,omitempty" protobuf:"bytes,20,opt,name=local"` 282 // StorageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod 283 // More info: https://examples.k8s.io/volumes/storageos/README.md 284 // +optional 285 StorageOS *StorageOSPersistentVolumeSource `json:"storageos,omitempty" protobuf:"bytes,21,opt,name=storageos"` 286 // CSI represents storage that is handled by an external CSI driver (Beta feature). 287 // +optional 288 CSI *CSIPersistentVolumeSource `json:"csi,omitempty" protobuf:"bytes,22,opt,name=csi"` 289} 290 291const ( 292 // BetaStorageClassAnnotation represents the beta/previous StorageClass annotation. 293 // It's currently still used and will be held for backwards compatibility 294 BetaStorageClassAnnotation = "volume.beta.kubernetes.io/storage-class" 295 296 // MountOptionAnnotation defines mount option annotation used in PVs 297 MountOptionAnnotation = "volume.beta.kubernetes.io/mount-options" 298) 299 300// +genclient 301// +genclient:nonNamespaced 302// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 303 304// PersistentVolume (PV) is a storage resource provisioned by an administrator. 305// It is analogous to a node. 306// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes 307type PersistentVolume struct { 308 metav1.TypeMeta `json:",inline"` 309 // Standard object's metadata. 310 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 311 // +optional 312 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 313 314 // Spec defines a specification of a persistent volume owned by the cluster. 315 // Provisioned by an administrator. 316 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes 317 // +optional 318 Spec PersistentVolumeSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 319 320 // Status represents the current information/status for the persistent volume. 321 // Populated by the system. 322 // Read-only. 323 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes 324 // +optional 325 Status PersistentVolumeStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 326} 327 328// PersistentVolumeSpec is the specification of a persistent volume. 329type PersistentVolumeSpec struct { 330 // A description of the persistent volume's resources and capacity. 331 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity 332 // +optional 333 Capacity ResourceList `json:"capacity,omitempty" protobuf:"bytes,1,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"` 334 // The actual volume backing the persistent volume. 335 PersistentVolumeSource `json:",inline" protobuf:"bytes,2,opt,name=persistentVolumeSource"` 336 // AccessModes contains all ways the volume can be mounted. 337 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes 338 // +optional 339 AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,3,rep,name=accessModes,casttype=PersistentVolumeAccessMode"` 340 // ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. 341 // Expected to be non-nil when bound. 342 // claim.VolumeName is the authoritative bind between PV and PVC. 343 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding 344 // +optional 345 ClaimRef *ObjectReference `json:"claimRef,omitempty" protobuf:"bytes,4,opt,name=claimRef"` 346 // What happens to a persistent volume when released from its claim. 347 // Valid options are Retain (default for manually created PersistentVolumes), Delete (default 348 // for dynamically provisioned PersistentVolumes), and Recycle (deprecated). 349 // Recycle must be supported by the volume plugin underlying this PersistentVolume. 350 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming 351 // +optional 352 PersistentVolumeReclaimPolicy PersistentVolumeReclaimPolicy `json:"persistentVolumeReclaimPolicy,omitempty" protobuf:"bytes,5,opt,name=persistentVolumeReclaimPolicy,casttype=PersistentVolumeReclaimPolicy"` 353 // Name of StorageClass to which this persistent volume belongs. Empty value 354 // means that this volume does not belong to any StorageClass. 355 // +optional 356 StorageClassName string `json:"storageClassName,omitempty" protobuf:"bytes,6,opt,name=storageClassName"` 357 // A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will 358 // simply fail if one is invalid. 359 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options 360 // +optional 361 MountOptions []string `json:"mountOptions,omitempty" protobuf:"bytes,7,opt,name=mountOptions"` 362 // volumeMode defines if a volume is intended to be used with a formatted filesystem 363 // or to remain in raw block state. Value of Filesystem is implied when not included in spec. 364 // +optional 365 VolumeMode *PersistentVolumeMode `json:"volumeMode,omitempty" protobuf:"bytes,8,opt,name=volumeMode,casttype=PersistentVolumeMode"` 366 // NodeAffinity defines constraints that limit what nodes this volume can be accessed from. 367 // This field influences the scheduling of pods that use this volume. 368 // +optional 369 NodeAffinity *VolumeNodeAffinity `json:"nodeAffinity,omitempty" protobuf:"bytes,9,opt,name=nodeAffinity"` 370} 371 372// VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from. 373type VolumeNodeAffinity struct { 374 // Required specifies hard node constraints that must be met. 375 Required *NodeSelector `json:"required,omitempty" protobuf:"bytes,1,opt,name=required"` 376} 377 378// PersistentVolumeReclaimPolicy describes a policy for end-of-life maintenance of persistent volumes. 379type PersistentVolumeReclaimPolicy string 380 381const ( 382 // PersistentVolumeReclaimRecycle means the volume will be recycled back into the pool of unbound persistent volumes on release from its claim. 383 // The volume plugin must support Recycling. 384 PersistentVolumeReclaimRecycle PersistentVolumeReclaimPolicy = "Recycle" 385 // PersistentVolumeReclaimDelete means the volume will be deleted from Kubernetes on release from its claim. 386 // The volume plugin must support Deletion. 387 PersistentVolumeReclaimDelete PersistentVolumeReclaimPolicy = "Delete" 388 // PersistentVolumeReclaimRetain means the volume will be left in its current phase (Released) for manual reclamation by the administrator. 389 // The default policy is Retain. 390 PersistentVolumeReclaimRetain PersistentVolumeReclaimPolicy = "Retain" 391) 392 393// PersistentVolumeMode describes how a volume is intended to be consumed, either Block or Filesystem. 394type PersistentVolumeMode string 395 396const ( 397 // PersistentVolumeBlock means the volume will not be formatted with a filesystem and will remain a raw block device. 398 PersistentVolumeBlock PersistentVolumeMode = "Block" 399 // PersistentVolumeFilesystem means the volume will be or is formatted with a filesystem. 400 PersistentVolumeFilesystem PersistentVolumeMode = "Filesystem" 401) 402 403// PersistentVolumeStatus is the current status of a persistent volume. 404type PersistentVolumeStatus struct { 405 // Phase indicates if a volume is available, bound to a claim, or released by a claim. 406 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase 407 // +optional 408 Phase PersistentVolumePhase `json:"phase,omitempty" protobuf:"bytes,1,opt,name=phase,casttype=PersistentVolumePhase"` 409 // A human-readable message indicating details about why the volume is in this state. 410 // +optional 411 Message string `json:"message,omitempty" protobuf:"bytes,2,opt,name=message"` 412 // Reason is a brief CamelCase string that describes any failure and is meant 413 // for machine parsing and tidy display in the CLI. 414 // +optional 415 Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` 416} 417 418// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 419 420// PersistentVolumeList is a list of PersistentVolume items. 421type PersistentVolumeList struct { 422 metav1.TypeMeta `json:",inline"` 423 // Standard list metadata. 424 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 425 // +optional 426 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 427 // List of persistent volumes. 428 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes 429 Items []PersistentVolume `json:"items" protobuf:"bytes,2,rep,name=items"` 430} 431 432// +genclient 433// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 434 435// PersistentVolumeClaim is a user's request for and claim to a persistent volume 436type PersistentVolumeClaim struct { 437 metav1.TypeMeta `json:",inline"` 438 // Standard object's metadata. 439 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 440 // +optional 441 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 442 443 // Spec defines the desired characteristics of a volume requested by a pod author. 444 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 445 // +optional 446 Spec PersistentVolumeClaimSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 447 448 // Status represents the current information/status of a persistent volume claim. 449 // Read-only. 450 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 451 // +optional 452 Status PersistentVolumeClaimStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 453} 454 455// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 456 457// PersistentVolumeClaimList is a list of PersistentVolumeClaim items. 458type PersistentVolumeClaimList struct { 459 metav1.TypeMeta `json:",inline"` 460 // Standard list metadata. 461 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 462 // +optional 463 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 464 // A list of persistent volume claims. 465 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims 466 Items []PersistentVolumeClaim `json:"items" protobuf:"bytes,2,rep,name=items"` 467} 468 469// PersistentVolumeClaimSpec describes the common attributes of storage devices 470// and allows a Source for provider-specific attributes 471type PersistentVolumeClaimSpec struct { 472 // AccessModes contains the desired access modes the volume should have. 473 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 474 // +optional 475 AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,1,rep,name=accessModes,casttype=PersistentVolumeAccessMode"` 476 // A label query over volumes to consider for binding. 477 // +optional 478 Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,4,opt,name=selector"` 479 // Resources represents the minimum resources the volume should have. 480 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources 481 // +optional 482 Resources ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,2,opt,name=resources"` 483 // VolumeName is the binding reference to the PersistentVolume backing this claim. 484 // +optional 485 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,3,opt,name=volumeName"` 486 // Name of the StorageClass required by the claim. 487 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 488 // +optional 489 StorageClassName *string `json:"storageClassName,omitempty" protobuf:"bytes,5,opt,name=storageClassName"` 490 // volumeMode defines what type of volume is required by the claim. 491 // Value of Filesystem is implied when not included in claim spec. 492 // +optional 493 VolumeMode *PersistentVolumeMode `json:"volumeMode,omitempty" protobuf:"bytes,6,opt,name=volumeMode,casttype=PersistentVolumeMode"` 494 // This field can be used to specify either: 495 // * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 496 // * An existing PVC (PersistentVolumeClaim) 497 // * An existing custom resource that implements data population (Alpha) 498 // In order to use custom resource types that implement data population, 499 // the AnyVolumeDataSource feature gate must be enabled. 500 // If the provisioner or an external controller can support the specified data source, 501 // it will create a new volume based on the contents of the specified data source. 502 // +optional 503 DataSource *TypedLocalObjectReference `json:"dataSource,omitempty" protobuf:"bytes,7,opt,name=dataSource"` 504} 505 506// PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type 507type PersistentVolumeClaimConditionType string 508 509const ( 510 // PersistentVolumeClaimResizing - a user trigger resize of pvc has been started 511 PersistentVolumeClaimResizing PersistentVolumeClaimConditionType = "Resizing" 512 // PersistentVolumeClaimFileSystemResizePending - controller resize is finished and a file system resize is pending on node 513 PersistentVolumeClaimFileSystemResizePending PersistentVolumeClaimConditionType = "FileSystemResizePending" 514) 515 516// PersistentVolumeClaimCondition contails details about state of pvc 517type PersistentVolumeClaimCondition struct { 518 Type PersistentVolumeClaimConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=PersistentVolumeClaimConditionType"` 519 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 520 // Last time we probed the condition. 521 // +optional 522 LastProbeTime metav1.Time `json:"lastProbeTime,omitempty" protobuf:"bytes,3,opt,name=lastProbeTime"` 523 // Last time the condition transitioned from one status to another. 524 // +optional 525 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"` 526 // Unique, this should be a short, machine understandable string that gives the reason 527 // for condition's last transition. If it reports "ResizeStarted" that means the underlying 528 // persistent volume is being resized. 529 // +optional 530 Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"` 531 // Human-readable message indicating details about last transition. 532 // +optional 533 Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"` 534} 535 536// PersistentVolumeClaimStatus is the current status of a persistent volume claim. 537type PersistentVolumeClaimStatus struct { 538 // Phase represents the current phase of PersistentVolumeClaim. 539 // +optional 540 Phase PersistentVolumeClaimPhase `json:"phase,omitempty" protobuf:"bytes,1,opt,name=phase,casttype=PersistentVolumeClaimPhase"` 541 // AccessModes contains the actual access modes the volume backing the PVC has. 542 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 543 // +optional 544 AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,2,rep,name=accessModes,casttype=PersistentVolumeAccessMode"` 545 // Represents the actual resources of the underlying volume. 546 // +optional 547 Capacity ResourceList `json:"capacity,omitempty" protobuf:"bytes,3,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"` 548 // Current Condition of persistent volume claim. If underlying persistent volume is being 549 // resized then the Condition will be set to 'ResizeStarted'. 550 // +optional 551 // +patchMergeKey=type 552 // +patchStrategy=merge 553 Conditions []PersistentVolumeClaimCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,4,rep,name=conditions"` 554} 555 556type PersistentVolumeAccessMode string 557 558const ( 559 // can be mounted in read/write mode to exactly 1 host 560 ReadWriteOnce PersistentVolumeAccessMode = "ReadWriteOnce" 561 // can be mounted in read-only mode to many hosts 562 ReadOnlyMany PersistentVolumeAccessMode = "ReadOnlyMany" 563 // can be mounted in read/write mode to many hosts 564 ReadWriteMany PersistentVolumeAccessMode = "ReadWriteMany" 565) 566 567type PersistentVolumePhase string 568 569const ( 570 // used for PersistentVolumes that are not available 571 VolumePending PersistentVolumePhase = "Pending" 572 // used for PersistentVolumes that are not yet bound 573 // Available volumes are held by the binder and matched to PersistentVolumeClaims 574 VolumeAvailable PersistentVolumePhase = "Available" 575 // used for PersistentVolumes that are bound 576 VolumeBound PersistentVolumePhase = "Bound" 577 // used for PersistentVolumes where the bound PersistentVolumeClaim was deleted 578 // released volumes must be recycled before becoming available again 579 // this phase is used by the persistent volume claim binder to signal to another process to reclaim the resource 580 VolumeReleased PersistentVolumePhase = "Released" 581 // used for PersistentVolumes that failed to be correctly recycled or deleted after being released from a claim 582 VolumeFailed PersistentVolumePhase = "Failed" 583) 584 585type PersistentVolumeClaimPhase string 586 587const ( 588 // used for PersistentVolumeClaims that are not yet bound 589 ClaimPending PersistentVolumeClaimPhase = "Pending" 590 // used for PersistentVolumeClaims that are bound 591 ClaimBound PersistentVolumeClaimPhase = "Bound" 592 // used for PersistentVolumeClaims that lost their underlying 593 // PersistentVolume. The claim was bound to a PersistentVolume and this 594 // volume does not exist any longer and all data on it was lost. 595 ClaimLost PersistentVolumeClaimPhase = "Lost" 596) 597 598type HostPathType string 599 600const ( 601 // For backwards compatible, leave it empty if unset 602 HostPathUnset HostPathType = "" 603 // If nothing exists at the given path, an empty directory will be created there 604 // as needed with file mode 0755, having the same group and ownership with Kubelet. 605 HostPathDirectoryOrCreate HostPathType = "DirectoryOrCreate" 606 // A directory must exist at the given path 607 HostPathDirectory HostPathType = "Directory" 608 // If nothing exists at the given path, an empty file will be created there 609 // as needed with file mode 0644, having the same group and ownership with Kubelet. 610 HostPathFileOrCreate HostPathType = "FileOrCreate" 611 // A file must exist at the given path 612 HostPathFile HostPathType = "File" 613 // A UNIX socket must exist at the given path 614 HostPathSocket HostPathType = "Socket" 615 // A character device must exist at the given path 616 HostPathCharDev HostPathType = "CharDevice" 617 // A block device must exist at the given path 618 HostPathBlockDev HostPathType = "BlockDevice" 619) 620 621// Represents a host path mapped into a pod. 622// Host path volumes do not support ownership management or SELinux relabeling. 623type HostPathVolumeSource struct { 624 // Path of the directory on the host. 625 // If the path is a symlink, it will follow the link to the real path. 626 // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 627 Path string `json:"path" protobuf:"bytes,1,opt,name=path"` 628 // Type for HostPath Volume 629 // Defaults to "" 630 // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 631 // +optional 632 Type *HostPathType `json:"type,omitempty" protobuf:"bytes,2,opt,name=type"` 633} 634 635// Represents an empty directory for a pod. 636// Empty directory volumes support ownership management and SELinux relabeling. 637type EmptyDirVolumeSource struct { 638 // What type of storage medium should back this directory. 639 // The default is "" which means to use the node's default medium. 640 // Must be an empty string (default) or Memory. 641 // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir 642 // +optional 643 Medium StorageMedium `json:"medium,omitempty" protobuf:"bytes,1,opt,name=medium,casttype=StorageMedium"` 644 // Total amount of local storage required for this EmptyDir volume. 645 // The size limit is also applicable for memory medium. 646 // The maximum usage on memory medium EmptyDir would be the minimum value between 647 // the SizeLimit specified here and the sum of memory limits of all containers in a pod. 648 // The default is nil which means that the limit is undefined. 649 // More info: http://kubernetes.io/docs/user-guide/volumes#emptydir 650 // +optional 651 SizeLimit *resource.Quantity `json:"sizeLimit,omitempty" protobuf:"bytes,2,opt,name=sizeLimit"` 652} 653 654// Represents a Glusterfs mount that lasts the lifetime of a pod. 655// Glusterfs volumes do not support ownership management or SELinux relabeling. 656type GlusterfsVolumeSource struct { 657 // EndpointsName is the endpoint name that details Glusterfs topology. 658 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 659 EndpointsName string `json:"endpoints" protobuf:"bytes,1,opt,name=endpoints"` 660 661 // Path is the Glusterfs volume path. 662 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 663 Path string `json:"path" protobuf:"bytes,2,opt,name=path"` 664 665 // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. 666 // Defaults to false. 667 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 668 // +optional 669 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 670} 671 672// Represents a Glusterfs mount that lasts the lifetime of a pod. 673// Glusterfs volumes do not support ownership management or SELinux relabeling. 674type GlusterfsPersistentVolumeSource struct { 675 // EndpointsName is the endpoint name that details Glusterfs topology. 676 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 677 EndpointsName string `json:"endpoints" protobuf:"bytes,1,opt,name=endpoints"` 678 679 // Path is the Glusterfs volume path. 680 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 681 Path string `json:"path" protobuf:"bytes,2,opt,name=path"` 682 683 // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. 684 // Defaults to false. 685 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 686 // +optional 687 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 688 689 // EndpointsNamespace is the namespace that contains Glusterfs endpoint. 690 // If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. 691 // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod 692 // +optional 693 EndpointsNamespace *string `json:"endpointsNamespace,omitempty" protobuf:"bytes,4,opt,name=endpointsNamespace"` 694} 695 696// Represents a Rados Block Device mount that lasts the lifetime of a pod. 697// RBD volumes support ownership management and SELinux relabeling. 698type RBDVolumeSource struct { 699 // A collection of Ceph monitors. 700 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 701 CephMonitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"` 702 // The rados image name. 703 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 704 RBDImage string `json:"image" protobuf:"bytes,2,opt,name=image"` 705 // Filesystem type of the volume that you want to mount. 706 // Tip: Ensure that the filesystem type is supported by the host operating system. 707 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 708 // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 709 // TODO: how do we prevent errors in the filesystem from compromising the machine 710 // +optional 711 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 712 // The rados pool name. 713 // Default is rbd. 714 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 715 // +optional 716 RBDPool string `json:"pool,omitempty" protobuf:"bytes,4,opt,name=pool"` 717 // The rados user name. 718 // Default is admin. 719 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 720 // +optional 721 RadosUser string `json:"user,omitempty" protobuf:"bytes,5,opt,name=user"` 722 // Keyring is the path to key ring for RBDUser. 723 // Default is /etc/ceph/keyring. 724 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 725 // +optional 726 Keyring string `json:"keyring,omitempty" protobuf:"bytes,6,opt,name=keyring"` 727 // SecretRef is name of the authentication secret for RBDUser. If provided 728 // overrides keyring. 729 // Default is nil. 730 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 731 // +optional 732 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,7,opt,name=secretRef"` 733 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 734 // Defaults to false. 735 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 736 // +optional 737 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,8,opt,name=readOnly"` 738} 739 740// Represents a Rados Block Device mount that lasts the lifetime of a pod. 741// RBD volumes support ownership management and SELinux relabeling. 742type RBDPersistentVolumeSource struct { 743 // A collection of Ceph monitors. 744 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 745 CephMonitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"` 746 // The rados image name. 747 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 748 RBDImage string `json:"image" protobuf:"bytes,2,opt,name=image"` 749 // Filesystem type of the volume that you want to mount. 750 // Tip: Ensure that the filesystem type is supported by the host operating system. 751 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 752 // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 753 // TODO: how do we prevent errors in the filesystem from compromising the machine 754 // +optional 755 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 756 // The rados pool name. 757 // Default is rbd. 758 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 759 // +optional 760 RBDPool string `json:"pool,omitempty" protobuf:"bytes,4,opt,name=pool"` 761 // The rados user name. 762 // Default is admin. 763 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 764 // +optional 765 RadosUser string `json:"user,omitempty" protobuf:"bytes,5,opt,name=user"` 766 // Keyring is the path to key ring for RBDUser. 767 // Default is /etc/ceph/keyring. 768 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 769 // +optional 770 Keyring string `json:"keyring,omitempty" protobuf:"bytes,6,opt,name=keyring"` 771 // SecretRef is name of the authentication secret for RBDUser. If provided 772 // overrides keyring. 773 // Default is nil. 774 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 775 // +optional 776 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,7,opt,name=secretRef"` 777 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 778 // Defaults to false. 779 // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it 780 // +optional 781 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,8,opt,name=readOnly"` 782} 783 784// Represents a cinder volume resource in Openstack. 785// A Cinder volume must exist before mounting to a container. 786// The volume must also be in the same region as the kubelet. 787// Cinder volumes support ownership management and SELinux relabeling. 788type CinderVolumeSource struct { 789 // volume id used to identify the volume in cinder. 790 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 791 VolumeID string `json:"volumeID" protobuf:"bytes,1,opt,name=volumeID"` 792 // Filesystem type to mount. 793 // Must be a filesystem type supported by the host operating system. 794 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 795 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 796 // +optional 797 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 798 // Optional: Defaults to false (read/write). ReadOnly here will force 799 // the ReadOnly setting in VolumeMounts. 800 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 801 // +optional 802 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 803 // Optional: points to a secret object containing parameters used to connect 804 // to OpenStack. 805 // +optional 806 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,4,opt,name=secretRef"` 807} 808 809// Represents a cinder volume resource in Openstack. 810// A Cinder volume must exist before mounting to a container. 811// The volume must also be in the same region as the kubelet. 812// Cinder volumes support ownership management and SELinux relabeling. 813type CinderPersistentVolumeSource struct { 814 // volume id used to identify the volume in cinder. 815 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 816 VolumeID string `json:"volumeID" protobuf:"bytes,1,opt,name=volumeID"` 817 // Filesystem type to mount. 818 // Must be a filesystem type supported by the host operating system. 819 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 820 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 821 // +optional 822 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 823 // Optional: Defaults to false (read/write). ReadOnly here will force 824 // the ReadOnly setting in VolumeMounts. 825 // More info: https://examples.k8s.io/mysql-cinder-pd/README.md 826 // +optional 827 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 828 // Optional: points to a secret object containing parameters used to connect 829 // to OpenStack. 830 // +optional 831 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,4,opt,name=secretRef"` 832} 833 834// Represents a Ceph Filesystem mount that lasts the lifetime of a pod 835// Cephfs volumes do not support ownership management or SELinux relabeling. 836type CephFSVolumeSource struct { 837 // Required: Monitors is a collection of Ceph monitors 838 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 839 Monitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"` 840 // Optional: Used as the mounted root, rather than the full Ceph tree, default is / 841 // +optional 842 Path string `json:"path,omitempty" protobuf:"bytes,2,opt,name=path"` 843 // Optional: User is the rados user name, default is admin 844 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 845 // +optional 846 User string `json:"user,omitempty" protobuf:"bytes,3,opt,name=user"` 847 // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret 848 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 849 // +optional 850 SecretFile string `json:"secretFile,omitempty" protobuf:"bytes,4,opt,name=secretFile"` 851 // Optional: SecretRef is reference to the authentication secret for User, default is empty. 852 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 853 // +optional 854 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,5,opt,name=secretRef"` 855 // Optional: Defaults to false (read/write). ReadOnly here will force 856 // the ReadOnly setting in VolumeMounts. 857 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 858 // +optional 859 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,6,opt,name=readOnly"` 860} 861 862// SecretReference represents a Secret Reference. It has enough information to retrieve secret 863// in any namespace 864type SecretReference struct { 865 // Name is unique within a namespace to reference a secret resource. 866 // +optional 867 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 868 // Namespace defines the space within which the secret name must be unique. 869 // +optional 870 Namespace string `json:"namespace,omitempty" protobuf:"bytes,2,opt,name=namespace"` 871} 872 873// Represents a Ceph Filesystem mount that lasts the lifetime of a pod 874// Cephfs volumes do not support ownership management or SELinux relabeling. 875type CephFSPersistentVolumeSource struct { 876 // Required: Monitors is a collection of Ceph monitors 877 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 878 Monitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"` 879 // Optional: Used as the mounted root, rather than the full Ceph tree, default is / 880 // +optional 881 Path string `json:"path,omitempty" protobuf:"bytes,2,opt,name=path"` 882 // Optional: User is the rados user name, default is admin 883 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 884 // +optional 885 User string `json:"user,omitempty" protobuf:"bytes,3,opt,name=user"` 886 // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret 887 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 888 // +optional 889 SecretFile string `json:"secretFile,omitempty" protobuf:"bytes,4,opt,name=secretFile"` 890 // Optional: SecretRef is reference to the authentication secret for User, default is empty. 891 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 892 // +optional 893 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,5,opt,name=secretRef"` 894 // Optional: Defaults to false (read/write). ReadOnly here will force 895 // the ReadOnly setting in VolumeMounts. 896 // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it 897 // +optional 898 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,6,opt,name=readOnly"` 899} 900 901// Represents a Flocker volume mounted by the Flocker agent. 902// One and only one of datasetName and datasetUUID should be set. 903// Flocker volumes do not support ownership management or SELinux relabeling. 904type FlockerVolumeSource struct { 905 // Name of the dataset stored as metadata -> name on the dataset for Flocker 906 // should be considered as deprecated 907 // +optional 908 DatasetName string `json:"datasetName,omitempty" protobuf:"bytes,1,opt,name=datasetName"` 909 // UUID of the dataset. This is unique identifier of a Flocker dataset 910 // +optional 911 DatasetUUID string `json:"datasetUUID,omitempty" protobuf:"bytes,2,opt,name=datasetUUID"` 912} 913 914// StorageMedium defines ways that storage can be allocated to a volume. 915type StorageMedium string 916 917const ( 918 StorageMediumDefault StorageMedium = "" // use whatever the default is for the node, assume anything we don't explicitly handle is this 919 StorageMediumMemory StorageMedium = "Memory" // use memory (e.g. tmpfs on linux) 920 StorageMediumHugePages StorageMedium = "HugePages" // use hugepages 921 StorageMediumHugePagesPrefix StorageMedium = "HugePages-" // prefix for full medium notation HugePages-<size> 922) 923 924// Protocol defines network protocols supported for things like container ports. 925type Protocol string 926 927const ( 928 // ProtocolTCP is the TCP protocol. 929 ProtocolTCP Protocol = "TCP" 930 // ProtocolUDP is the UDP protocol. 931 ProtocolUDP Protocol = "UDP" 932 // ProtocolSCTP is the SCTP protocol. 933 ProtocolSCTP Protocol = "SCTP" 934) 935 936// Represents a Persistent Disk resource in Google Compute Engine. 937// 938// A GCE PD must exist before mounting to a container. The disk must 939// also be in the same GCE project and zone as the kubelet. A GCE PD 940// can only be mounted as read/write once or read-only many times. GCE 941// PDs support ownership management and SELinux relabeling. 942type GCEPersistentDiskVolumeSource struct { 943 // Unique name of the PD resource in GCE. Used to identify the disk in GCE. 944 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 945 PDName string `json:"pdName" protobuf:"bytes,1,opt,name=pdName"` 946 // Filesystem type of the volume that you want to mount. 947 // Tip: Ensure that the filesystem type is supported by the host operating system. 948 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 949 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 950 // TODO: how do we prevent errors in the filesystem from compromising the machine 951 // +optional 952 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 953 // The partition in the volume that you want to mount. 954 // If omitted, the default is to mount by volume name. 955 // Examples: For volume /dev/sda1, you specify the partition as "1". 956 // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). 957 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 958 // +optional 959 Partition int32 `json:"partition,omitempty" protobuf:"varint,3,opt,name=partition"` 960 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 961 // Defaults to false. 962 // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 963 // +optional 964 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 965} 966 967// Represents a Quobyte mount that lasts the lifetime of a pod. 968// Quobyte volumes do not support ownership management or SELinux relabeling. 969type QuobyteVolumeSource struct { 970 // Registry represents a single or multiple Quobyte Registry services 971 // specified as a string as host:port pair (multiple entries are separated with commas) 972 // which acts as the central registry for volumes 973 Registry string `json:"registry" protobuf:"bytes,1,opt,name=registry"` 974 975 // Volume is a string that references an already created Quobyte volume by name. 976 Volume string `json:"volume" protobuf:"bytes,2,opt,name=volume"` 977 978 // ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. 979 // Defaults to false. 980 // +optional 981 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 982 983 // User to map volume access to 984 // Defaults to serivceaccount user 985 // +optional 986 User string `json:"user,omitempty" protobuf:"bytes,4,opt,name=user"` 987 988 // Group to map volume access to 989 // Default is no group 990 // +optional 991 Group string `json:"group,omitempty" protobuf:"bytes,5,opt,name=group"` 992 993 // Tenant owning the given Quobyte volume in the Backend 994 // Used with dynamically provisioned Quobyte volumes, value is set by the plugin 995 // +optional 996 Tenant string `json:"tenant,omitempty" protobuf:"bytes,6,opt,name=tenant"` 997} 998 999// FlexPersistentVolumeSource represents a generic persistent volume resource that is 1000// provisioned/attached using an exec based plugin. 1001type FlexPersistentVolumeSource struct { 1002 // Driver is the name of the driver to use for this volume. 1003 Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"` 1004 // Filesystem type to mount. 1005 // Must be a filesystem type supported by the host operating system. 1006 // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. 1007 // +optional 1008 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1009 // Optional: SecretRef is reference to the secret object containing 1010 // sensitive information to pass to the plugin scripts. This may be 1011 // empty if no secret object is specified. If the secret object 1012 // contains more than one secret, all secrets are passed to the plugin 1013 // scripts. 1014 // +optional 1015 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,3,opt,name=secretRef"` 1016 // Optional: Defaults to false (read/write). ReadOnly here will force 1017 // the ReadOnly setting in VolumeMounts. 1018 // +optional 1019 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1020 // Optional: Extra command options if any. 1021 // +optional 1022 Options map[string]string `json:"options,omitempty" protobuf:"bytes,5,rep,name=options"` 1023} 1024 1025// FlexVolume represents a generic volume resource that is 1026// provisioned/attached using an exec based plugin. 1027type FlexVolumeSource struct { 1028 // Driver is the name of the driver to use for this volume. 1029 Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"` 1030 // Filesystem type to mount. 1031 // Must be a filesystem type supported by the host operating system. 1032 // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. 1033 // +optional 1034 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1035 // Optional: SecretRef is reference to the secret object containing 1036 // sensitive information to pass to the plugin scripts. This may be 1037 // empty if no secret object is specified. If the secret object 1038 // contains more than one secret, all secrets are passed to the plugin 1039 // scripts. 1040 // +optional 1041 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,3,opt,name=secretRef"` 1042 // Optional: Defaults to false (read/write). ReadOnly here will force 1043 // the ReadOnly setting in VolumeMounts. 1044 // +optional 1045 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1046 // Optional: Extra command options if any. 1047 // +optional 1048 Options map[string]string `json:"options,omitempty" protobuf:"bytes,5,rep,name=options"` 1049} 1050 1051// Represents a Persistent Disk resource in AWS. 1052// 1053// An AWS EBS disk must exist before mounting to a container. The disk 1054// must also be in the same AWS zone as the kubelet. An AWS EBS disk 1055// can only be mounted as read/write once. AWS EBS volumes support 1056// ownership management and SELinux relabeling. 1057type AWSElasticBlockStoreVolumeSource struct { 1058 // Unique ID of the persistent disk resource in AWS (Amazon EBS volume). 1059 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 1060 VolumeID string `json:"volumeID" protobuf:"bytes,1,opt,name=volumeID"` 1061 // Filesystem type of the volume that you want to mount. 1062 // Tip: Ensure that the filesystem type is supported by the host operating system. 1063 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1064 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 1065 // TODO: how do we prevent errors in the filesystem from compromising the machine 1066 // +optional 1067 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1068 // The partition in the volume that you want to mount. 1069 // If omitted, the default is to mount by volume name. 1070 // Examples: For volume /dev/sda1, you specify the partition as "1". 1071 // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). 1072 // +optional 1073 Partition int32 `json:"partition,omitempty" protobuf:"varint,3,opt,name=partition"` 1074 // Specify "true" to force and set the ReadOnly property in VolumeMounts to "true". 1075 // If omitted, the default is "false". 1076 // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 1077 // +optional 1078 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1079} 1080 1081// Represents a volume that is populated with the contents of a git repository. 1082// Git repo volumes do not support ownership management. 1083// Git repo volumes support SELinux relabeling. 1084// 1085// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an 1086// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir 1087// into the Pod's container. 1088type GitRepoVolumeSource struct { 1089 // Repository URL 1090 Repository string `json:"repository" protobuf:"bytes,1,opt,name=repository"` 1091 // Commit hash for the specified revision. 1092 // +optional 1093 Revision string `json:"revision,omitempty" protobuf:"bytes,2,opt,name=revision"` 1094 // Target directory name. 1095 // Must not contain or start with '..'. If '.' is supplied, the volume directory will be the 1096 // git repository. Otherwise, if specified, the volume will contain the git repository in 1097 // the subdirectory with the given name. 1098 // +optional 1099 Directory string `json:"directory,omitempty" protobuf:"bytes,3,opt,name=directory"` 1100} 1101 1102// Adapts a Secret into a volume. 1103// 1104// The contents of the target Secret's Data field will be presented in a volume 1105// as files using the keys in the Data field as the file names. 1106// Secret volumes support ownership management and SELinux relabeling. 1107type SecretVolumeSource struct { 1108 // Name of the secret in the pod's namespace to use. 1109 // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret 1110 // +optional 1111 SecretName string `json:"secretName,omitempty" protobuf:"bytes,1,opt,name=secretName"` 1112 // If unspecified, each key-value pair in the Data field of the referenced 1113 // Secret will be projected into the volume as a file whose name is the 1114 // key and content is the value. If specified, the listed keys will be 1115 // projected into the specified paths, and unlisted keys will not be 1116 // present. If a key is specified which is not present in the Secret, 1117 // the volume setup will error unless it is marked optional. Paths must be 1118 // relative and may not contain the '..' path or start with '..'. 1119 // +optional 1120 Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` 1121 // Optional: mode bits used to set permissions on created files by default. 1122 // Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. 1123 // YAML accepts both octal and decimal values, JSON requires decimal values 1124 // for mode bits. Defaults to 0644. 1125 // Directories within the path are not affected by this setting. 1126 // This might be in conflict with other options that affect the file 1127 // mode, like fsGroup, and the result can be other mode bits set. 1128 // +optional 1129 DefaultMode *int32 `json:"defaultMode,omitempty" protobuf:"bytes,3,opt,name=defaultMode"` 1130 // Specify whether the Secret or its keys must be defined 1131 // +optional 1132 Optional *bool `json:"optional,omitempty" protobuf:"varint,4,opt,name=optional"` 1133} 1134 1135const ( 1136 SecretVolumeSourceDefaultMode int32 = 0644 1137) 1138 1139// Adapts a secret into a projected volume. 1140// 1141// The contents of the target Secret's Data field will be presented in a 1142// projected volume as files using the keys in the Data field as the file names. 1143// Note that this is identical to a secret volume source without the default 1144// mode. 1145type SecretProjection struct { 1146 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1147 // If unspecified, each key-value pair in the Data field of the referenced 1148 // Secret will be projected into the volume as a file whose name is the 1149 // key and content is the value. If specified, the listed keys will be 1150 // projected into the specified paths, and unlisted keys will not be 1151 // present. If a key is specified which is not present in the Secret, 1152 // the volume setup will error unless it is marked optional. Paths must be 1153 // relative and may not contain the '..' path or start with '..'. 1154 // +optional 1155 Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` 1156 // Specify whether the Secret or its key must be defined 1157 // +optional 1158 Optional *bool `json:"optional,omitempty" protobuf:"varint,4,opt,name=optional"` 1159} 1160 1161// Represents an NFS mount that lasts the lifetime of a pod. 1162// NFS volumes do not support ownership management or SELinux relabeling. 1163type NFSVolumeSource struct { 1164 // Server is the hostname or IP address of the NFS server. 1165 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 1166 Server string `json:"server" protobuf:"bytes,1,opt,name=server"` 1167 1168 // Path that is exported by the NFS server. 1169 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 1170 Path string `json:"path" protobuf:"bytes,2,opt,name=path"` 1171 1172 // ReadOnly here will force 1173 // the NFS export to be mounted with read-only permissions. 1174 // Defaults to false. 1175 // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs 1176 // +optional 1177 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1178} 1179 1180// Represents an ISCSI disk. 1181// ISCSI volumes can only be mounted as read/write once. 1182// ISCSI volumes support ownership management and SELinux relabeling. 1183type ISCSIVolumeSource struct { 1184 // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port 1185 // is other than default (typically TCP ports 860 and 3260). 1186 TargetPortal string `json:"targetPortal" protobuf:"bytes,1,opt,name=targetPortal"` 1187 // Target iSCSI Qualified Name. 1188 IQN string `json:"iqn" protobuf:"bytes,2,opt,name=iqn"` 1189 // iSCSI Target Lun number. 1190 Lun int32 `json:"lun" protobuf:"varint,3,opt,name=lun"` 1191 // iSCSI Interface Name that uses an iSCSI transport. 1192 // Defaults to 'default' (tcp). 1193 // +optional 1194 ISCSIInterface string `json:"iscsiInterface,omitempty" protobuf:"bytes,4,opt,name=iscsiInterface"` 1195 // Filesystem type of the volume that you want to mount. 1196 // Tip: Ensure that the filesystem type is supported by the host operating system. 1197 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1198 // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 1199 // TODO: how do we prevent errors in the filesystem from compromising the machine 1200 // +optional 1201 FSType string `json:"fsType,omitempty" protobuf:"bytes,5,opt,name=fsType"` 1202 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 1203 // Defaults to false. 1204 // +optional 1205 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,6,opt,name=readOnly"` 1206 // iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port 1207 // is other than default (typically TCP ports 860 and 3260). 1208 // +optional 1209 Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"` 1210 // whether support iSCSI Discovery CHAP authentication 1211 // +optional 1212 DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty" protobuf:"varint,8,opt,name=chapAuthDiscovery"` 1213 // whether support iSCSI Session CHAP authentication 1214 // +optional 1215 SessionCHAPAuth bool `json:"chapAuthSession,omitempty" protobuf:"varint,11,opt,name=chapAuthSession"` 1216 // CHAP Secret for iSCSI target and initiator authentication 1217 // +optional 1218 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,10,opt,name=secretRef"` 1219 // Custom iSCSI Initiator Name. 1220 // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface 1221 // <target portal>:<volume name> will be created for the connection. 1222 // +optional 1223 InitiatorName *string `json:"initiatorName,omitempty" protobuf:"bytes,12,opt,name=initiatorName"` 1224} 1225 1226// ISCSIPersistentVolumeSource represents an ISCSI disk. 1227// ISCSI volumes can only be mounted as read/write once. 1228// ISCSI volumes support ownership management and SELinux relabeling. 1229type ISCSIPersistentVolumeSource struct { 1230 // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port 1231 // is other than default (typically TCP ports 860 and 3260). 1232 TargetPortal string `json:"targetPortal" protobuf:"bytes,1,opt,name=targetPortal"` 1233 // Target iSCSI Qualified Name. 1234 IQN string `json:"iqn" protobuf:"bytes,2,opt,name=iqn"` 1235 // iSCSI Target Lun number. 1236 Lun int32 `json:"lun" protobuf:"varint,3,opt,name=lun"` 1237 // iSCSI Interface Name that uses an iSCSI transport. 1238 // Defaults to 'default' (tcp). 1239 // +optional 1240 ISCSIInterface string `json:"iscsiInterface,omitempty" protobuf:"bytes,4,opt,name=iscsiInterface"` 1241 // Filesystem type of the volume that you want to mount. 1242 // Tip: Ensure that the filesystem type is supported by the host operating system. 1243 // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1244 // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 1245 // TODO: how do we prevent errors in the filesystem from compromising the machine 1246 // +optional 1247 FSType string `json:"fsType,omitempty" protobuf:"bytes,5,opt,name=fsType"` 1248 // ReadOnly here will force the ReadOnly setting in VolumeMounts. 1249 // Defaults to false. 1250 // +optional 1251 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,6,opt,name=readOnly"` 1252 // iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port 1253 // is other than default (typically TCP ports 860 and 3260). 1254 // +optional 1255 Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"` 1256 // whether support iSCSI Discovery CHAP authentication 1257 // +optional 1258 DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty" protobuf:"varint,8,opt,name=chapAuthDiscovery"` 1259 // whether support iSCSI Session CHAP authentication 1260 // +optional 1261 SessionCHAPAuth bool `json:"chapAuthSession,omitempty" protobuf:"varint,11,opt,name=chapAuthSession"` 1262 // CHAP Secret for iSCSI target and initiator authentication 1263 // +optional 1264 SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,10,opt,name=secretRef"` 1265 // Custom iSCSI Initiator Name. 1266 // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface 1267 // <target portal>:<volume name> will be created for the connection. 1268 // +optional 1269 InitiatorName *string `json:"initiatorName,omitempty" protobuf:"bytes,12,opt,name=initiatorName"` 1270} 1271 1272// Represents a Fibre Channel volume. 1273// Fibre Channel volumes can only be mounted as read/write once. 1274// Fibre Channel volumes support ownership management and SELinux relabeling. 1275type FCVolumeSource struct { 1276 // Optional: FC target worldwide names (WWNs) 1277 // +optional 1278 TargetWWNs []string `json:"targetWWNs,omitempty" protobuf:"bytes,1,rep,name=targetWWNs"` 1279 // Optional: FC target lun number 1280 // +optional 1281 Lun *int32 `json:"lun,omitempty" protobuf:"varint,2,opt,name=lun"` 1282 // Filesystem type to mount. 1283 // Must be a filesystem type supported by the host operating system. 1284 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1285 // TODO: how do we prevent errors in the filesystem from compromising the machine 1286 // +optional 1287 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 1288 // Optional: Defaults to false (read/write). ReadOnly here will force 1289 // the ReadOnly setting in VolumeMounts. 1290 // +optional 1291 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1292 // Optional: FC volume world wide identifiers (wwids) 1293 // Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. 1294 // +optional 1295 WWIDs []string `json:"wwids,omitempty" protobuf:"bytes,5,rep,name=wwids"` 1296} 1297 1298// AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 1299type AzureFileVolumeSource struct { 1300 // the name of secret that contains Azure Storage Account Name and Key 1301 SecretName string `json:"secretName" protobuf:"bytes,1,opt,name=secretName"` 1302 // Share Name 1303 ShareName string `json:"shareName" protobuf:"bytes,2,opt,name=shareName"` 1304 // Defaults to false (read/write). ReadOnly here will force 1305 // the ReadOnly setting in VolumeMounts. 1306 // +optional 1307 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1308} 1309 1310// AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 1311type AzureFilePersistentVolumeSource struct { 1312 // the name of secret that contains Azure Storage Account Name and Key 1313 SecretName string `json:"secretName" protobuf:"bytes,1,opt,name=secretName"` 1314 // Share Name 1315 ShareName string `json:"shareName" protobuf:"bytes,2,opt,name=shareName"` 1316 // Defaults to false (read/write). ReadOnly here will force 1317 // the ReadOnly setting in VolumeMounts. 1318 // +optional 1319 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1320 // the namespace of the secret that contains Azure Storage Account Name and Key 1321 // default is the same as the Pod 1322 // +optional 1323 SecretNamespace *string `json:"secretNamespace" protobuf:"bytes,4,opt,name=secretNamespace"` 1324} 1325 1326// Represents a vSphere volume resource. 1327type VsphereVirtualDiskVolumeSource struct { 1328 // Path that identifies vSphere volume vmdk 1329 VolumePath string `json:"volumePath" protobuf:"bytes,1,opt,name=volumePath"` 1330 // Filesystem type to mount. 1331 // Must be a filesystem type supported by the host operating system. 1332 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1333 // +optional 1334 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1335 // Storage Policy Based Management (SPBM) profile name. 1336 // +optional 1337 StoragePolicyName string `json:"storagePolicyName,omitempty" protobuf:"bytes,3,opt,name=storagePolicyName"` 1338 // Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. 1339 // +optional 1340 StoragePolicyID string `json:"storagePolicyID,omitempty" protobuf:"bytes,4,opt,name=storagePolicyID"` 1341} 1342 1343// Represents a Photon Controller persistent disk resource. 1344type PhotonPersistentDiskVolumeSource struct { 1345 // ID that identifies Photon Controller persistent disk 1346 PdID string `json:"pdID" protobuf:"bytes,1,opt,name=pdID"` 1347 // Filesystem type to mount. 1348 // Must be a filesystem type supported by the host operating system. 1349 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1350 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1351} 1352 1353type AzureDataDiskCachingMode string 1354type AzureDataDiskKind string 1355 1356const ( 1357 AzureDataDiskCachingNone AzureDataDiskCachingMode = "None" 1358 AzureDataDiskCachingReadOnly AzureDataDiskCachingMode = "ReadOnly" 1359 AzureDataDiskCachingReadWrite AzureDataDiskCachingMode = "ReadWrite" 1360 1361 AzureSharedBlobDisk AzureDataDiskKind = "Shared" 1362 AzureDedicatedBlobDisk AzureDataDiskKind = "Dedicated" 1363 AzureManagedDisk AzureDataDiskKind = "Managed" 1364) 1365 1366// AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. 1367type AzureDiskVolumeSource struct { 1368 // The Name of the data disk in the blob storage 1369 DiskName string `json:"diskName" protobuf:"bytes,1,opt,name=diskName"` 1370 // The URI the data disk in the blob storage 1371 DataDiskURI string `json:"diskURI" protobuf:"bytes,2,opt,name=diskURI"` 1372 // Host Caching mode: None, Read Only, Read Write. 1373 // +optional 1374 CachingMode *AzureDataDiskCachingMode `json:"cachingMode,omitempty" protobuf:"bytes,3,opt,name=cachingMode,casttype=AzureDataDiskCachingMode"` 1375 // Filesystem type to mount. 1376 // Must be a filesystem type supported by the host operating system. 1377 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1378 // +optional 1379 FSType *string `json:"fsType,omitempty" protobuf:"bytes,4,opt,name=fsType"` 1380 // Defaults to false (read/write). ReadOnly here will force 1381 // the ReadOnly setting in VolumeMounts. 1382 // +optional 1383 ReadOnly *bool `json:"readOnly,omitempty" protobuf:"varint,5,opt,name=readOnly"` 1384 // Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared 1385 Kind *AzureDataDiskKind `json:"kind,omitempty" protobuf:"bytes,6,opt,name=kind,casttype=AzureDataDiskKind"` 1386} 1387 1388// PortworxVolumeSource represents a Portworx volume resource. 1389type PortworxVolumeSource struct { 1390 // VolumeID uniquely identifies a Portworx volume 1391 VolumeID string `json:"volumeID" protobuf:"bytes,1,opt,name=volumeID"` 1392 // FSType represents the filesystem type to mount 1393 // Must be a filesystem type supported by the host operating system. 1394 // Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. 1395 FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1396 // Defaults to false (read/write). ReadOnly here will force 1397 // the ReadOnly setting in VolumeMounts. 1398 // +optional 1399 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1400} 1401 1402// ScaleIOVolumeSource represents a persistent ScaleIO volume 1403type ScaleIOVolumeSource struct { 1404 // The host address of the ScaleIO API Gateway. 1405 Gateway string `json:"gateway" protobuf:"bytes,1,opt,name=gateway"` 1406 // The name of the storage system as configured in ScaleIO. 1407 System string `json:"system" protobuf:"bytes,2,opt,name=system"` 1408 // SecretRef references to the secret for ScaleIO user and other 1409 // sensitive information. If this is not provided, Login operation will fail. 1410 SecretRef *LocalObjectReference `json:"secretRef" protobuf:"bytes,3,opt,name=secretRef"` 1411 // Flag to enable/disable SSL communication with Gateway, default false 1412 // +optional 1413 SSLEnabled bool `json:"sslEnabled,omitempty" protobuf:"varint,4,opt,name=sslEnabled"` 1414 // The name of the ScaleIO Protection Domain for the configured storage. 1415 // +optional 1416 ProtectionDomain string `json:"protectionDomain,omitempty" protobuf:"bytes,5,opt,name=protectionDomain"` 1417 // The ScaleIO Storage Pool associated with the protection domain. 1418 // +optional 1419 StoragePool string `json:"storagePool,omitempty" protobuf:"bytes,6,opt,name=storagePool"` 1420 // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. 1421 // Default is ThinProvisioned. 1422 // +optional 1423 StorageMode string `json:"storageMode,omitempty" protobuf:"bytes,7,opt,name=storageMode"` 1424 // The name of a volume already created in the ScaleIO system 1425 // that is associated with this volume source. 1426 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,8,opt,name=volumeName"` 1427 // Filesystem type to mount. 1428 // Must be a filesystem type supported by the host operating system. 1429 // Ex. "ext4", "xfs", "ntfs". 1430 // Default is "xfs". 1431 // +optional 1432 FSType string `json:"fsType,omitempty" protobuf:"bytes,9,opt,name=fsType"` 1433 // Defaults to false (read/write). ReadOnly here will force 1434 // the ReadOnly setting in VolumeMounts. 1435 // +optional 1436 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,10,opt,name=readOnly"` 1437} 1438 1439// ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume 1440type ScaleIOPersistentVolumeSource struct { 1441 // The host address of the ScaleIO API Gateway. 1442 Gateway string `json:"gateway" protobuf:"bytes,1,opt,name=gateway"` 1443 // The name of the storage system as configured in ScaleIO. 1444 System string `json:"system" protobuf:"bytes,2,opt,name=system"` 1445 // SecretRef references to the secret for ScaleIO user and other 1446 // sensitive information. If this is not provided, Login operation will fail. 1447 SecretRef *SecretReference `json:"secretRef" protobuf:"bytes,3,opt,name=secretRef"` 1448 // Flag to enable/disable SSL communication with Gateway, default false 1449 // +optional 1450 SSLEnabled bool `json:"sslEnabled,omitempty" protobuf:"varint,4,opt,name=sslEnabled"` 1451 // The name of the ScaleIO Protection Domain for the configured storage. 1452 // +optional 1453 ProtectionDomain string `json:"protectionDomain,omitempty" protobuf:"bytes,5,opt,name=protectionDomain"` 1454 // The ScaleIO Storage Pool associated with the protection domain. 1455 // +optional 1456 StoragePool string `json:"storagePool,omitempty" protobuf:"bytes,6,opt,name=storagePool"` 1457 // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. 1458 // Default is ThinProvisioned. 1459 // +optional 1460 StorageMode string `json:"storageMode,omitempty" protobuf:"bytes,7,opt,name=storageMode"` 1461 // The name of a volume already created in the ScaleIO system 1462 // that is associated with this volume source. 1463 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,8,opt,name=volumeName"` 1464 // Filesystem type to mount. 1465 // Must be a filesystem type supported by the host operating system. 1466 // Ex. "ext4", "xfs", "ntfs". 1467 // Default is "xfs" 1468 // +optional 1469 FSType string `json:"fsType,omitempty" protobuf:"bytes,9,opt,name=fsType"` 1470 // Defaults to false (read/write). ReadOnly here will force 1471 // the ReadOnly setting in VolumeMounts. 1472 // +optional 1473 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,10,opt,name=readOnly"` 1474} 1475 1476// Represents a StorageOS persistent volume resource. 1477type StorageOSVolumeSource struct { 1478 // VolumeName is the human-readable name of the StorageOS volume. Volume 1479 // names are only unique within a namespace. 1480 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,1,opt,name=volumeName"` 1481 // VolumeNamespace specifies the scope of the volume within StorageOS. If no 1482 // namespace is specified then the Pod's namespace will be used. This allows the 1483 // Kubernetes name scoping to be mirrored within StorageOS for tighter integration. 1484 // Set VolumeName to any name to override the default behaviour. 1485 // Set to "default" if you are not using namespaces within StorageOS. 1486 // Namespaces that do not pre-exist within StorageOS will be created. 1487 // +optional 1488 VolumeNamespace string `json:"volumeNamespace,omitempty" protobuf:"bytes,2,opt,name=volumeNamespace"` 1489 // Filesystem type to mount. 1490 // Must be a filesystem type supported by the host operating system. 1491 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1492 // +optional 1493 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 1494 // Defaults to false (read/write). ReadOnly here will force 1495 // the ReadOnly setting in VolumeMounts. 1496 // +optional 1497 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1498 // SecretRef specifies the secret to use for obtaining the StorageOS API 1499 // credentials. If not specified, default values will be attempted. 1500 // +optional 1501 SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,5,opt,name=secretRef"` 1502} 1503 1504// Represents a StorageOS persistent volume resource. 1505type StorageOSPersistentVolumeSource struct { 1506 // VolumeName is the human-readable name of the StorageOS volume. Volume 1507 // names are only unique within a namespace. 1508 VolumeName string `json:"volumeName,omitempty" protobuf:"bytes,1,opt,name=volumeName"` 1509 // VolumeNamespace specifies the scope of the volume within StorageOS. If no 1510 // namespace is specified then the Pod's namespace will be used. This allows the 1511 // Kubernetes name scoping to be mirrored within StorageOS for tighter integration. 1512 // Set VolumeName to any name to override the default behaviour. 1513 // Set to "default" if you are not using namespaces within StorageOS. 1514 // Namespaces that do not pre-exist within StorageOS will be created. 1515 // +optional 1516 VolumeNamespace string `json:"volumeNamespace,omitempty" protobuf:"bytes,2,opt,name=volumeNamespace"` 1517 // Filesystem type to mount. 1518 // Must be a filesystem type supported by the host operating system. 1519 // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 1520 // +optional 1521 FSType string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 1522 // Defaults to false (read/write). ReadOnly here will force 1523 // the ReadOnly setting in VolumeMounts. 1524 // +optional 1525 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"` 1526 // SecretRef specifies the secret to use for obtaining the StorageOS API 1527 // credentials. If not specified, default values will be attempted. 1528 // +optional 1529 SecretRef *ObjectReference `json:"secretRef,omitempty" protobuf:"bytes,5,opt,name=secretRef"` 1530} 1531 1532// Adapts a ConfigMap into a volume. 1533// 1534// The contents of the target ConfigMap's Data field will be presented in a 1535// volume as files using the keys in the Data field as the file names, unless 1536// the items element is populated with specific mappings of keys to paths. 1537// ConfigMap volumes support ownership management and SELinux relabeling. 1538type ConfigMapVolumeSource struct { 1539 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1540 // If unspecified, each key-value pair in the Data field of the referenced 1541 // ConfigMap will be projected into the volume as a file whose name is the 1542 // key and content is the value. If specified, the listed keys will be 1543 // projected into the specified paths, and unlisted keys will not be 1544 // present. If a key is specified which is not present in the ConfigMap, 1545 // the volume setup will error unless it is marked optional. Paths must be 1546 // relative and may not contain the '..' path or start with '..'. 1547 // +optional 1548 Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` 1549 // Optional: mode bits used to set permissions on created files by default. 1550 // Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. 1551 // YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. 1552 // Defaults to 0644. 1553 // Directories within the path are not affected by this setting. 1554 // This might be in conflict with other options that affect the file 1555 // mode, like fsGroup, and the result can be other mode bits set. 1556 // +optional 1557 DefaultMode *int32 `json:"defaultMode,omitempty" protobuf:"varint,3,opt,name=defaultMode"` 1558 // Specify whether the ConfigMap or its keys must be defined 1559 // +optional 1560 Optional *bool `json:"optional,omitempty" protobuf:"varint,4,opt,name=optional"` 1561} 1562 1563const ( 1564 ConfigMapVolumeSourceDefaultMode int32 = 0644 1565) 1566 1567// Adapts a ConfigMap into a projected volume. 1568// 1569// The contents of the target ConfigMap's Data field will be presented in a 1570// projected volume as files using the keys in the Data field as the file names, 1571// unless the items element is populated with specific mappings of keys to paths. 1572// Note that this is identical to a configmap volume source without the default 1573// mode. 1574type ConfigMapProjection struct { 1575 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1576 // If unspecified, each key-value pair in the Data field of the referenced 1577 // ConfigMap will be projected into the volume as a file whose name is the 1578 // key and content is the value. If specified, the listed keys will be 1579 // projected into the specified paths, and unlisted keys will not be 1580 // present. If a key is specified which is not present in the ConfigMap, 1581 // the volume setup will error unless it is marked optional. Paths must be 1582 // relative and may not contain the '..' path or start with '..'. 1583 // +optional 1584 Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` 1585 // Specify whether the ConfigMap or its keys must be defined 1586 // +optional 1587 Optional *bool `json:"optional,omitempty" protobuf:"varint,4,opt,name=optional"` 1588} 1589 1590// ServiceAccountTokenProjection represents a projected service account token 1591// volume. This projection can be used to insert a service account token into 1592// the pods runtime filesystem for use against APIs (Kubernetes API Server or 1593// otherwise). 1594type ServiceAccountTokenProjection struct { 1595 // Audience is the intended audience of the token. A recipient of a token 1596 // must identify itself with an identifier specified in the audience of the 1597 // token, and otherwise should reject the token. The audience defaults to the 1598 // identifier of the apiserver. 1599 //+optional 1600 Audience string `json:"audience,omitempty" protobuf:"bytes,1,rep,name=audience"` 1601 // ExpirationSeconds is the requested duration of validity of the service 1602 // account token. As the token approaches expiration, the kubelet volume 1603 // plugin will proactively rotate the service account token. The kubelet will 1604 // start trying to rotate the token if the token is older than 80 percent of 1605 // its time to live or if the token is older than 24 hours.Defaults to 1 hour 1606 // and must be at least 10 minutes. 1607 //+optional 1608 ExpirationSeconds *int64 `json:"expirationSeconds,omitempty" protobuf:"varint,2,opt,name=expirationSeconds"` 1609 // Path is the path relative to the mount point of the file to project the 1610 // token into. 1611 Path string `json:"path" protobuf:"bytes,3,opt,name=path"` 1612} 1613 1614// Represents a projected volume source 1615type ProjectedVolumeSource struct { 1616 // list of volume projections 1617 // +optional 1618 Sources []VolumeProjection `json:"sources" protobuf:"bytes,1,rep,name=sources"` 1619 // Mode bits used to set permissions on created files by default. 1620 // Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. 1621 // YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. 1622 // Directories within the path are not affected by this setting. 1623 // This might be in conflict with other options that affect the file 1624 // mode, like fsGroup, and the result can be other mode bits set. 1625 // +optional 1626 DefaultMode *int32 `json:"defaultMode,omitempty" protobuf:"varint,2,opt,name=defaultMode"` 1627} 1628 1629// Projection that may be projected along with other supported volume types 1630type VolumeProjection struct { 1631 // all types below are the supported types for projection into the same volume 1632 1633 // information about the secret data to project 1634 // +optional 1635 Secret *SecretProjection `json:"secret,omitempty" protobuf:"bytes,1,opt,name=secret"` 1636 // information about the downwardAPI data to project 1637 // +optional 1638 DownwardAPI *DownwardAPIProjection `json:"downwardAPI,omitempty" protobuf:"bytes,2,opt,name=downwardAPI"` 1639 // information about the configMap data to project 1640 // +optional 1641 ConfigMap *ConfigMapProjection `json:"configMap,omitempty" protobuf:"bytes,3,opt,name=configMap"` 1642 // information about the serviceAccountToken data to project 1643 // +optional 1644 ServiceAccountToken *ServiceAccountTokenProjection `json:"serviceAccountToken,omitempty" protobuf:"bytes,4,opt,name=serviceAccountToken"` 1645} 1646 1647const ( 1648 ProjectedVolumeSourceDefaultMode int32 = 0644 1649) 1650 1651// Maps a string key to a path within a volume. 1652type KeyToPath struct { 1653 // The key to project. 1654 Key string `json:"key" protobuf:"bytes,1,opt,name=key"` 1655 1656 // The relative path of the file to map the key to. 1657 // May not be an absolute path. 1658 // May not contain the path element '..'. 1659 // May not start with the string '..'. 1660 Path string `json:"path" protobuf:"bytes,2,opt,name=path"` 1661 // Optional: mode bits used to set permissions on this file. 1662 // Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. 1663 // YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. 1664 // If not specified, the volume defaultMode will be used. 1665 // This might be in conflict with other options that affect the file 1666 // mode, like fsGroup, and the result can be other mode bits set. 1667 // +optional 1668 Mode *int32 `json:"mode,omitempty" protobuf:"varint,3,opt,name=mode"` 1669} 1670 1671// Local represents directly-attached storage with node affinity (Beta feature) 1672type LocalVolumeSource struct { 1673 // The full path to the volume on the node. 1674 // It can be either a directory or block device (disk, partition, ...). 1675 Path string `json:"path" protobuf:"bytes,1,opt,name=path"` 1676 1677 // Filesystem type to mount. 1678 // It applies only when the Path is a block device. 1679 // Must be a filesystem type supported by the host operating system. 1680 // Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a fileystem if unspecified. 1681 // +optional 1682 FSType *string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"` 1683} 1684 1685// Represents storage that is managed by an external CSI volume driver (Beta feature) 1686type CSIPersistentVolumeSource struct { 1687 // Driver is the name of the driver to use for this volume. 1688 // Required. 1689 Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"` 1690 1691 // VolumeHandle is the unique volume name returned by the CSI volume 1692 // plugin’s CreateVolume to refer to the volume on all subsequent calls. 1693 // Required. 1694 VolumeHandle string `json:"volumeHandle" protobuf:"bytes,2,opt,name=volumeHandle"` 1695 1696 // Optional: The value to pass to ControllerPublishVolumeRequest. 1697 // Defaults to false (read/write). 1698 // +optional 1699 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"` 1700 1701 // Filesystem type to mount. 1702 // Must be a filesystem type supported by the host operating system. 1703 // Ex. "ext4", "xfs", "ntfs". 1704 // +optional 1705 FSType string `json:"fsType,omitempty" protobuf:"bytes,4,opt,name=fsType"` 1706 1707 // Attributes of the volume to publish. 1708 // +optional 1709 VolumeAttributes map[string]string `json:"volumeAttributes,omitempty" protobuf:"bytes,5,rep,name=volumeAttributes"` 1710 1711 // ControllerPublishSecretRef is a reference to the secret object containing 1712 // sensitive information to pass to the CSI driver to complete the CSI 1713 // ControllerPublishVolume and ControllerUnpublishVolume calls. 1714 // This field is optional, and may be empty if no secret is required. If the 1715 // secret object contains more than one secret, all secrets are passed. 1716 // +optional 1717 ControllerPublishSecretRef *SecretReference `json:"controllerPublishSecretRef,omitempty" protobuf:"bytes,6,opt,name=controllerPublishSecretRef"` 1718 1719 // NodeStageSecretRef is a reference to the secret object containing sensitive 1720 // information to pass to the CSI driver to complete the CSI NodeStageVolume 1721 // and NodeStageVolume and NodeUnstageVolume calls. 1722 // This field is optional, and may be empty if no secret is required. If the 1723 // secret object contains more than one secret, all secrets are passed. 1724 // +optional 1725 NodeStageSecretRef *SecretReference `json:"nodeStageSecretRef,omitempty" protobuf:"bytes,7,opt,name=nodeStageSecretRef"` 1726 1727 // NodePublishSecretRef is a reference to the secret object containing 1728 // sensitive information to pass to the CSI driver to complete the CSI 1729 // NodePublishVolume and NodeUnpublishVolume calls. 1730 // This field is optional, and may be empty if no secret is required. If the 1731 // secret object contains more than one secret, all secrets are passed. 1732 // +optional 1733 NodePublishSecretRef *SecretReference `json:"nodePublishSecretRef,omitempty" protobuf:"bytes,8,opt,name=nodePublishSecretRef"` 1734 1735 // ControllerExpandSecretRef is a reference to the secret object containing 1736 // sensitive information to pass to the CSI driver to complete the CSI 1737 // ControllerExpandVolume call. 1738 // This is an alpha field and requires enabling ExpandCSIVolumes feature gate. 1739 // This field is optional, and may be empty if no secret is required. If the 1740 // secret object contains more than one secret, all secrets are passed. 1741 // +optional 1742 ControllerExpandSecretRef *SecretReference `json:"controllerExpandSecretRef,omitempty" protobuf:"bytes,9,opt,name=controllerExpandSecretRef"` 1743} 1744 1745// Represents a source location of a volume to mount, managed by an external CSI driver 1746type CSIVolumeSource struct { 1747 // Driver is the name of the CSI driver that handles this volume. 1748 // Consult with your admin for the correct name as registered in the cluster. 1749 Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"` 1750 1751 // Specifies a read-only configuration for the volume. 1752 // Defaults to false (read/write). 1753 // +optional 1754 ReadOnly *bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"` 1755 1756 // Filesystem type to mount. Ex. "ext4", "xfs", "ntfs". 1757 // If not provided, the empty value is passed to the associated CSI driver 1758 // which will determine the default filesystem to apply. 1759 // +optional 1760 FSType *string `json:"fsType,omitempty" protobuf:"bytes,3,opt,name=fsType"` 1761 1762 // VolumeAttributes stores driver-specific properties that are passed to the CSI 1763 // driver. Consult your driver's documentation for supported values. 1764 // +optional 1765 VolumeAttributes map[string]string `json:"volumeAttributes,omitempty" protobuf:"bytes,4,rep,name=volumeAttributes"` 1766 1767 // NodePublishSecretRef is a reference to the secret object containing 1768 // sensitive information to pass to the CSI driver to complete the CSI 1769 // NodePublishVolume and NodeUnpublishVolume calls. 1770 // This field is optional, and may be empty if no secret is required. If the 1771 // secret object contains more than one secret, all secret references are passed. 1772 // +optional 1773 NodePublishSecretRef *LocalObjectReference `json:"nodePublishSecretRef,omitempty" protobuf:"bytes,5,opt,name=nodePublishSecretRef"` 1774} 1775 1776// Represents an ephemeral volume that is handled by a normal storage driver. 1777type EphemeralVolumeSource struct { 1778 // Will be used to create a stand-alone PVC to provision the volume. 1779 // The pod in which this EphemeralVolumeSource is embedded will be the 1780 // owner of the PVC, i.e. the PVC will be deleted together with the 1781 // pod. The name of the PVC will be `<pod name>-<volume name>` where 1782 // `<volume name>` is the name from the `PodSpec.Volumes` array 1783 // entry. Pod validation will reject the pod if the concatenated name 1784 // is not valid for a PVC (for example, too long). 1785 // 1786 // An existing PVC with that name that is not owned by the pod 1787 // will *not* be used for the pod to avoid using an unrelated 1788 // volume by mistake. Starting the pod is then blocked until 1789 // the unrelated PVC is removed. If such a pre-created PVC is 1790 // meant to be used by the pod, the PVC has to updated with an 1791 // owner reference to the pod once the pod exists. Normally 1792 // this should not be necessary, but it may be useful when 1793 // manually reconstructing a broken cluster. 1794 // 1795 // This field is read-only and no changes will be made by Kubernetes 1796 // to the PVC after it has been created. 1797 // 1798 // Required, must not be nil. 1799 VolumeClaimTemplate *PersistentVolumeClaimTemplate `json:"volumeClaimTemplate,omitempty" protobuf:"bytes,1,opt,name=volumeClaimTemplate"` 1800 1801 // ReadOnly is tombstoned to show why 2 is a reserved protobuf tag. 1802 // ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"` 1803} 1804 1805// PersistentVolumeClaimTemplate is used to produce 1806// PersistentVolumeClaim objects as part of an EphemeralVolumeSource. 1807type PersistentVolumeClaimTemplate struct { 1808 // May contain labels and annotations that will be copied into the PVC 1809 // when creating it. No other fields are allowed and will be rejected during 1810 // validation. 1811 // 1812 // +optional 1813 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 1814 1815 // The specification for the PersistentVolumeClaim. The entire content is 1816 // copied unchanged into the PVC that gets created from this 1817 // template. The same fields as in a PersistentVolumeClaim 1818 // are also valid here. 1819 Spec PersistentVolumeClaimSpec `json:"spec" protobuf:"bytes,2,name=spec"` 1820} 1821 1822// ContainerPort represents a network port in a single container. 1823type ContainerPort struct { 1824 // If specified, this must be an IANA_SVC_NAME and unique within the pod. Each 1825 // named port in a pod must have a unique name. Name for the port that can be 1826 // referred to by services. 1827 // +optional 1828 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 1829 // Number of port to expose on the host. 1830 // If specified, this must be a valid port number, 0 < x < 65536. 1831 // If HostNetwork is specified, this must match ContainerPort. 1832 // Most containers do not need this. 1833 // +optional 1834 HostPort int32 `json:"hostPort,omitempty" protobuf:"varint,2,opt,name=hostPort"` 1835 // Number of port to expose on the pod's IP address. 1836 // This must be a valid port number, 0 < x < 65536. 1837 ContainerPort int32 `json:"containerPort" protobuf:"varint,3,opt,name=containerPort"` 1838 // Protocol for port. Must be UDP, TCP, or SCTP. 1839 // Defaults to "TCP". 1840 // +optional 1841 // +default="TCP" 1842 Protocol Protocol `json:"protocol,omitempty" protobuf:"bytes,4,opt,name=protocol,casttype=Protocol"` 1843 // What host IP to bind the external port to. 1844 // +optional 1845 HostIP string `json:"hostIP,omitempty" protobuf:"bytes,5,opt,name=hostIP"` 1846} 1847 1848// VolumeMount describes a mounting of a Volume within a container. 1849type VolumeMount struct { 1850 // This must match the Name of a Volume. 1851 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 1852 // Mounted read-only if true, read-write otherwise (false or unspecified). 1853 // Defaults to false. 1854 // +optional 1855 ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"` 1856 // Path within the container at which the volume should be mounted. Must 1857 // not contain ':'. 1858 MountPath string `json:"mountPath" protobuf:"bytes,3,opt,name=mountPath"` 1859 // Path within the volume from which the container's volume should be mounted. 1860 // Defaults to "" (volume's root). 1861 // +optional 1862 SubPath string `json:"subPath,omitempty" protobuf:"bytes,4,opt,name=subPath"` 1863 // mountPropagation determines how mounts are propagated from the host 1864 // to container and the other way around. 1865 // When not set, MountPropagationNone is used. 1866 // This field is beta in 1.10. 1867 // +optional 1868 MountPropagation *MountPropagationMode `json:"mountPropagation,omitempty" protobuf:"bytes,5,opt,name=mountPropagation,casttype=MountPropagationMode"` 1869 // Expanded path within the volume from which the container's volume should be mounted. 1870 // Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. 1871 // Defaults to "" (volume's root). 1872 // SubPathExpr and SubPath are mutually exclusive. 1873 // +optional 1874 SubPathExpr string `json:"subPathExpr,omitempty" protobuf:"bytes,6,opt,name=subPathExpr"` 1875} 1876 1877// MountPropagationMode describes mount propagation. 1878type MountPropagationMode string 1879 1880const ( 1881 // MountPropagationNone means that the volume in a container will 1882 // not receive new mounts from the host or other containers, and filesystems 1883 // mounted inside the container won't be propagated to the host or other 1884 // containers. 1885 // Note that this mode corresponds to "private" in Linux terminology. 1886 MountPropagationNone MountPropagationMode = "None" 1887 // MountPropagationHostToContainer means that the volume in a container will 1888 // receive new mounts from the host or other containers, but filesystems 1889 // mounted inside the container won't be propagated to the host or other 1890 // containers. 1891 // Note that this mode is recursively applied to all mounts in the volume 1892 // ("rslave" in Linux terminology). 1893 MountPropagationHostToContainer MountPropagationMode = "HostToContainer" 1894 // MountPropagationBidirectional means that the volume in a container will 1895 // receive new mounts from the host or other containers, and its own mounts 1896 // will be propagated from the container to the host or other containers. 1897 // Note that this mode is recursively applied to all mounts in the volume 1898 // ("rshared" in Linux terminology). 1899 MountPropagationBidirectional MountPropagationMode = "Bidirectional" 1900) 1901 1902// volumeDevice describes a mapping of a raw block device within a container. 1903type VolumeDevice struct { 1904 // name must match the name of a persistentVolumeClaim in the pod 1905 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 1906 // devicePath is the path inside of the container that the device will be mapped to. 1907 DevicePath string `json:"devicePath" protobuf:"bytes,2,opt,name=devicePath"` 1908} 1909 1910// EnvVar represents an environment variable present in a Container. 1911type EnvVar struct { 1912 // Name of the environment variable. Must be a C_IDENTIFIER. 1913 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 1914 1915 // Optional: no more than one of the following may be specified. 1916 1917 // Variable references $(VAR_NAME) are expanded 1918 // using the previous defined environment variables in the container and 1919 // any service environment variables. If a variable cannot be resolved, 1920 // the reference in the input string will be unchanged. The $(VAR_NAME) 1921 // syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 1922 // references will never be expanded, regardless of whether the variable 1923 // exists or not. 1924 // Defaults to "". 1925 // +optional 1926 Value string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"` 1927 // Source for the environment variable's value. Cannot be used if value is not empty. 1928 // +optional 1929 ValueFrom *EnvVarSource `json:"valueFrom,omitempty" protobuf:"bytes,3,opt,name=valueFrom"` 1930} 1931 1932// EnvVarSource represents a source for the value of an EnvVar. 1933type EnvVarSource struct { 1934 // Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`, 1935 // spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. 1936 // +optional 1937 FieldRef *ObjectFieldSelector `json:"fieldRef,omitempty" protobuf:"bytes,1,opt,name=fieldRef"` 1938 // Selects a resource of the container: only resources limits and requests 1939 // (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. 1940 // +optional 1941 ResourceFieldRef *ResourceFieldSelector `json:"resourceFieldRef,omitempty" protobuf:"bytes,2,opt,name=resourceFieldRef"` 1942 // Selects a key of a ConfigMap. 1943 // +optional 1944 ConfigMapKeyRef *ConfigMapKeySelector `json:"configMapKeyRef,omitempty" protobuf:"bytes,3,opt,name=configMapKeyRef"` 1945 // Selects a key of a secret in the pod's namespace 1946 // +optional 1947 SecretKeyRef *SecretKeySelector `json:"secretKeyRef,omitempty" protobuf:"bytes,4,opt,name=secretKeyRef"` 1948} 1949 1950// ObjectFieldSelector selects an APIVersioned field of an object. 1951type ObjectFieldSelector struct { 1952 // Version of the schema the FieldPath is written in terms of, defaults to "v1". 1953 // +optional 1954 APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,1,opt,name=apiVersion"` 1955 // Path of the field to select in the specified API version. 1956 FieldPath string `json:"fieldPath" protobuf:"bytes,2,opt,name=fieldPath"` 1957} 1958 1959// ResourceFieldSelector represents container resources (cpu, memory) and their output format 1960type ResourceFieldSelector struct { 1961 // Container name: required for volumes, optional for env vars 1962 // +optional 1963 ContainerName string `json:"containerName,omitempty" protobuf:"bytes,1,opt,name=containerName"` 1964 // Required: resource to select 1965 Resource string `json:"resource" protobuf:"bytes,2,opt,name=resource"` 1966 // Specifies the output format of the exposed resources, defaults to "1" 1967 // +optional 1968 Divisor resource.Quantity `json:"divisor,omitempty" protobuf:"bytes,3,opt,name=divisor"` 1969} 1970 1971// Selects a key from a ConfigMap. 1972type ConfigMapKeySelector struct { 1973 // The ConfigMap to select from. 1974 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1975 // The key to select. 1976 Key string `json:"key" protobuf:"bytes,2,opt,name=key"` 1977 // Specify whether the ConfigMap or its key must be defined 1978 // +optional 1979 Optional *bool `json:"optional,omitempty" protobuf:"varint,3,opt,name=optional"` 1980} 1981 1982// SecretKeySelector selects a key of a Secret. 1983type SecretKeySelector struct { 1984 // The name of the secret in the pod's namespace to select from. 1985 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 1986 // The key of the secret to select from. Must be a valid secret key. 1987 Key string `json:"key" protobuf:"bytes,2,opt,name=key"` 1988 // Specify whether the Secret or its key must be defined 1989 // +optional 1990 Optional *bool `json:"optional,omitempty" protobuf:"varint,3,opt,name=optional"` 1991} 1992 1993// EnvFromSource represents the source of a set of ConfigMaps 1994type EnvFromSource struct { 1995 // An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 1996 // +optional 1997 Prefix string `json:"prefix,omitempty" protobuf:"bytes,1,opt,name=prefix"` 1998 // The ConfigMap to select from 1999 // +optional 2000 ConfigMapRef *ConfigMapEnvSource `json:"configMapRef,omitempty" protobuf:"bytes,2,opt,name=configMapRef"` 2001 // The Secret to select from 2002 // +optional 2003 SecretRef *SecretEnvSource `json:"secretRef,omitempty" protobuf:"bytes,3,opt,name=secretRef"` 2004} 2005 2006// ConfigMapEnvSource selects a ConfigMap to populate the environment 2007// variables with. 2008// 2009// The contents of the target ConfigMap's Data field will represent the 2010// key-value pairs as environment variables. 2011type ConfigMapEnvSource struct { 2012 // The ConfigMap to select from. 2013 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 2014 // Specify whether the ConfigMap must be defined 2015 // +optional 2016 Optional *bool `json:"optional,omitempty" protobuf:"varint,2,opt,name=optional"` 2017} 2018 2019// SecretEnvSource selects a Secret to populate the environment 2020// variables with. 2021// 2022// The contents of the target Secret's Data field will represent the 2023// key-value pairs as environment variables. 2024type SecretEnvSource struct { 2025 // The Secret to select from. 2026 LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` 2027 // Specify whether the Secret must be defined 2028 // +optional 2029 Optional *bool `json:"optional,omitempty" protobuf:"varint,2,opt,name=optional"` 2030} 2031 2032// HTTPHeader describes a custom header to be used in HTTP probes 2033type HTTPHeader struct { 2034 // The header field name 2035 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 2036 // The header field value 2037 Value string `json:"value" protobuf:"bytes,2,opt,name=value"` 2038} 2039 2040// HTTPGetAction describes an action based on HTTP Get requests. 2041type HTTPGetAction struct { 2042 // Path to access on the HTTP server. 2043 // +optional 2044 Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` 2045 // Name or number of the port to access on the container. 2046 // Number must be in the range 1 to 65535. 2047 // Name must be an IANA_SVC_NAME. 2048 Port intstr.IntOrString `json:"port" protobuf:"bytes,2,opt,name=port"` 2049 // Host name to connect to, defaults to the pod IP. You probably want to set 2050 // "Host" in httpHeaders instead. 2051 // +optional 2052 Host string `json:"host,omitempty" protobuf:"bytes,3,opt,name=host"` 2053 // Scheme to use for connecting to the host. 2054 // Defaults to HTTP. 2055 // +optional 2056 Scheme URIScheme `json:"scheme,omitempty" protobuf:"bytes,4,opt,name=scheme,casttype=URIScheme"` 2057 // Custom headers to set in the request. HTTP allows repeated headers. 2058 // +optional 2059 HTTPHeaders []HTTPHeader `json:"httpHeaders,omitempty" protobuf:"bytes,5,rep,name=httpHeaders"` 2060} 2061 2062// URIScheme identifies the scheme used for connection to a host for Get actions 2063type URIScheme string 2064 2065const ( 2066 // URISchemeHTTP means that the scheme used will be http:// 2067 URISchemeHTTP URIScheme = "HTTP" 2068 // URISchemeHTTPS means that the scheme used will be https:// 2069 URISchemeHTTPS URIScheme = "HTTPS" 2070) 2071 2072// TCPSocketAction describes an action based on opening a socket 2073type TCPSocketAction struct { 2074 // Number or name of the port to access on the container. 2075 // Number must be in the range 1 to 65535. 2076 // Name must be an IANA_SVC_NAME. 2077 Port intstr.IntOrString `json:"port" protobuf:"bytes,1,opt,name=port"` 2078 // Optional: Host name to connect to, defaults to the pod IP. 2079 // +optional 2080 Host string `json:"host,omitempty" protobuf:"bytes,2,opt,name=host"` 2081} 2082 2083// ExecAction describes a "run in container" action. 2084type ExecAction struct { 2085 // Command is the command line to execute inside the container, the working directory for the 2086 // command is root ('/') in the container's filesystem. The command is simply exec'd, it is 2087 // not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use 2088 // a shell, you need to explicitly call out to that shell. 2089 // Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 2090 // +optional 2091 Command []string `json:"command,omitempty" protobuf:"bytes,1,rep,name=command"` 2092} 2093 2094// Probe describes a health check to be performed against a container to determine whether it is 2095// alive or ready to receive traffic. 2096type Probe struct { 2097 // The action taken to determine the health of a container 2098 Handler `json:",inline" protobuf:"bytes,1,opt,name=handler"` 2099 // Number of seconds after the container has started before liveness probes are initiated. 2100 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2101 // +optional 2102 InitialDelaySeconds int32 `json:"initialDelaySeconds,omitempty" protobuf:"varint,2,opt,name=initialDelaySeconds"` 2103 // Number of seconds after which the probe times out. 2104 // Defaults to 1 second. Minimum value is 1. 2105 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2106 // +optional 2107 TimeoutSeconds int32 `json:"timeoutSeconds,omitempty" protobuf:"varint,3,opt,name=timeoutSeconds"` 2108 // How often (in seconds) to perform the probe. 2109 // Default to 10 seconds. Minimum value is 1. 2110 // +optional 2111 PeriodSeconds int32 `json:"periodSeconds,omitempty" protobuf:"varint,4,opt,name=periodSeconds"` 2112 // Minimum consecutive successes for the probe to be considered successful after having failed. 2113 // Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 2114 // +optional 2115 SuccessThreshold int32 `json:"successThreshold,omitempty" protobuf:"varint,5,opt,name=successThreshold"` 2116 // Minimum consecutive failures for the probe to be considered failed after having succeeded. 2117 // Defaults to 3. Minimum value is 1. 2118 // +optional 2119 FailureThreshold int32 `json:"failureThreshold,omitempty" protobuf:"varint,6,opt,name=failureThreshold"` 2120 // Optional duration in seconds the pod needs to terminate gracefully upon probe failure. 2121 // The grace period is the duration in seconds after the processes running in the pod are sent 2122 // a termination signal and the time when the processes are forcibly halted with a kill signal. 2123 // Set this value longer than the expected cleanup time for your process. 2124 // If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this 2125 // value overrides the value provided by the pod spec. 2126 // Value must be non-negative integer. The value zero indicates stop immediately via 2127 // the kill signal (no opportunity to shut down). 2128 // This is an alpha field and requires enabling ProbeTerminationGracePeriod feature gate. 2129 // +optional 2130 TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty" protobuf:"varint,7,opt,name=terminationGracePeriodSeconds"` 2131} 2132 2133// PullPolicy describes a policy for if/when to pull a container image 2134type PullPolicy string 2135 2136const ( 2137 // PullAlways means that kubelet always attempts to pull the latest image. Container will fail If the pull fails. 2138 PullAlways PullPolicy = "Always" 2139 // PullNever means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present 2140 PullNever PullPolicy = "Never" 2141 // PullIfNotPresent means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails. 2142 PullIfNotPresent PullPolicy = "IfNotPresent" 2143) 2144 2145// PreemptionPolicy describes a policy for if/when to preempt a pod. 2146type PreemptionPolicy string 2147 2148const ( 2149 // PreemptLowerPriority means that pod can preempt other pods with lower priority. 2150 PreemptLowerPriority PreemptionPolicy = "PreemptLowerPriority" 2151 // PreemptNever means that pod never preempts other pods with lower priority. 2152 PreemptNever PreemptionPolicy = "Never" 2153) 2154 2155// TerminationMessagePolicy describes how termination messages are retrieved from a container. 2156type TerminationMessagePolicy string 2157 2158const ( 2159 // TerminationMessageReadFile is the default behavior and will set the container status message to 2160 // the contents of the container's terminationMessagePath when the container exits. 2161 TerminationMessageReadFile TerminationMessagePolicy = "File" 2162 // TerminationMessageFallbackToLogsOnError will read the most recent contents of the container logs 2163 // for the container status message when the container exits with an error and the 2164 // terminationMessagePath has no contents. 2165 TerminationMessageFallbackToLogsOnError TerminationMessagePolicy = "FallbackToLogsOnError" 2166) 2167 2168// Capability represent POSIX capabilities type 2169type Capability string 2170 2171// Adds and removes POSIX capabilities from running containers. 2172type Capabilities struct { 2173 // Added capabilities 2174 // +optional 2175 Add []Capability `json:"add,omitempty" protobuf:"bytes,1,rep,name=add,casttype=Capability"` 2176 // Removed capabilities 2177 // +optional 2178 Drop []Capability `json:"drop,omitempty" protobuf:"bytes,2,rep,name=drop,casttype=Capability"` 2179} 2180 2181// ResourceRequirements describes the compute resource requirements. 2182type ResourceRequirements struct { 2183 // Limits describes the maximum amount of compute resources allowed. 2184 // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ 2185 // +optional 2186 Limits ResourceList `json:"limits,omitempty" protobuf:"bytes,1,rep,name=limits,casttype=ResourceList,castkey=ResourceName"` 2187 // Requests describes the minimum amount of compute resources required. 2188 // If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, 2189 // otherwise to an implementation-defined value. 2190 // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ 2191 // +optional 2192 Requests ResourceList `json:"requests,omitempty" protobuf:"bytes,2,rep,name=requests,casttype=ResourceList,castkey=ResourceName"` 2193} 2194 2195const ( 2196 // TerminationMessagePathDefault means the default path to capture the application termination message running in a container 2197 TerminationMessagePathDefault string = "/dev/termination-log" 2198) 2199 2200// A single application container that you want to run within a pod. 2201type Container struct { 2202 // Name of the container specified as a DNS_LABEL. 2203 // Each container in a pod must have a unique name (DNS_LABEL). 2204 // Cannot be updated. 2205 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 2206 // Docker image name. 2207 // More info: https://kubernetes.io/docs/concepts/containers/images 2208 // This field is optional to allow higher level config management to default or override 2209 // container images in workload controllers like Deployments and StatefulSets. 2210 // +optional 2211 Image string `json:"image,omitempty" protobuf:"bytes,2,opt,name=image"` 2212 // Entrypoint array. Not executed within a shell. 2213 // The docker image's ENTRYPOINT is used if this is not provided. 2214 // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable 2215 // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax 2216 // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, 2217 // regardless of whether the variable exists or not. 2218 // Cannot be updated. 2219 // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 2220 // +optional 2221 Command []string `json:"command,omitempty" protobuf:"bytes,3,rep,name=command"` 2222 // Arguments to the entrypoint. 2223 // The docker image's CMD is used if this is not provided. 2224 // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable 2225 // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax 2226 // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, 2227 // regardless of whether the variable exists or not. 2228 // Cannot be updated. 2229 // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 2230 // +optional 2231 Args []string `json:"args,omitempty" protobuf:"bytes,4,rep,name=args"` 2232 // Container's working directory. 2233 // If not specified, the container runtime's default will be used, which 2234 // might be configured in the container image. 2235 // Cannot be updated. 2236 // +optional 2237 WorkingDir string `json:"workingDir,omitempty" protobuf:"bytes,5,opt,name=workingDir"` 2238 // List of ports to expose from the container. Exposing a port here gives 2239 // the system additional information about the network connections a 2240 // container uses, but is primarily informational. Not specifying a port here 2241 // DOES NOT prevent that port from being exposed. Any port which is 2242 // listening on the default "0.0.0.0" address inside a container will be 2243 // accessible from the network. 2244 // Cannot be updated. 2245 // +optional 2246 // +patchMergeKey=containerPort 2247 // +patchStrategy=merge 2248 // +listType=map 2249 // +listMapKey=containerPort 2250 // +listMapKey=protocol 2251 Ports []ContainerPort `json:"ports,omitempty" patchStrategy:"merge" patchMergeKey:"containerPort" protobuf:"bytes,6,rep,name=ports"` 2252 // List of sources to populate environment variables in the container. 2253 // The keys defined within a source must be a C_IDENTIFIER. All invalid keys 2254 // will be reported as an event when the container is starting. When a key exists in multiple 2255 // sources, the value associated with the last source will take precedence. 2256 // Values defined by an Env with a duplicate key will take precedence. 2257 // Cannot be updated. 2258 // +optional 2259 EnvFrom []EnvFromSource `json:"envFrom,omitempty" protobuf:"bytes,19,rep,name=envFrom"` 2260 // List of environment variables to set in the container. 2261 // Cannot be updated. 2262 // +optional 2263 // +patchMergeKey=name 2264 // +patchStrategy=merge 2265 Env []EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"` 2266 // Compute Resources required by this container. 2267 // Cannot be updated. 2268 // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ 2269 // +optional 2270 Resources ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,8,opt,name=resources"` 2271 // Pod volumes to mount into the container's filesystem. 2272 // Cannot be updated. 2273 // +optional 2274 // +patchMergeKey=mountPath 2275 // +patchStrategy=merge 2276 VolumeMounts []VolumeMount `json:"volumeMounts,omitempty" patchStrategy:"merge" patchMergeKey:"mountPath" protobuf:"bytes,9,rep,name=volumeMounts"` 2277 // volumeDevices is the list of block devices to be used by the container. 2278 // +patchMergeKey=devicePath 2279 // +patchStrategy=merge 2280 // +optional 2281 VolumeDevices []VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"` 2282 // Periodic probe of container liveness. 2283 // Container will be restarted if the probe fails. 2284 // Cannot be updated. 2285 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2286 // +optional 2287 LivenessProbe *Probe `json:"livenessProbe,omitempty" protobuf:"bytes,10,opt,name=livenessProbe"` 2288 // Periodic probe of container service readiness. 2289 // Container will be removed from service endpoints if the probe fails. 2290 // Cannot be updated. 2291 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2292 // +optional 2293 ReadinessProbe *Probe `json:"readinessProbe,omitempty" protobuf:"bytes,11,opt,name=readinessProbe"` 2294 // StartupProbe indicates that the Pod has successfully initialized. 2295 // If specified, no other probes are executed until this completes successfully. 2296 // If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. 2297 // This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, 2298 // when it might take a long time to load data or warm a cache, than during steady-state operation. 2299 // This cannot be updated. 2300 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2301 // +optional 2302 StartupProbe *Probe `json:"startupProbe,omitempty" protobuf:"bytes,22,opt,name=startupProbe"` 2303 // Actions that the management system should take in response to container lifecycle events. 2304 // Cannot be updated. 2305 // +optional 2306 Lifecycle *Lifecycle `json:"lifecycle,omitempty" protobuf:"bytes,12,opt,name=lifecycle"` 2307 // Optional: Path at which the file to which the container's termination message 2308 // will be written is mounted into the container's filesystem. 2309 // Message written is intended to be brief final status, such as an assertion failure message. 2310 // Will be truncated by the node if greater than 4096 bytes. The total message length across 2311 // all containers will be limited to 12kb. 2312 // Defaults to /dev/termination-log. 2313 // Cannot be updated. 2314 // +optional 2315 TerminationMessagePath string `json:"terminationMessagePath,omitempty" protobuf:"bytes,13,opt,name=terminationMessagePath"` 2316 // Indicate how the termination message should be populated. File will use the contents of 2317 // terminationMessagePath to populate the container status message on both success and failure. 2318 // FallbackToLogsOnError will use the last chunk of container log output if the termination 2319 // message file is empty and the container exited with an error. 2320 // The log output is limited to 2048 bytes or 80 lines, whichever is smaller. 2321 // Defaults to File. 2322 // Cannot be updated. 2323 // +optional 2324 TerminationMessagePolicy TerminationMessagePolicy `json:"terminationMessagePolicy,omitempty" protobuf:"bytes,20,opt,name=terminationMessagePolicy,casttype=TerminationMessagePolicy"` 2325 // Image pull policy. 2326 // One of Always, Never, IfNotPresent. 2327 // Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. 2328 // Cannot be updated. 2329 // More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 2330 // +optional 2331 ImagePullPolicy PullPolicy `json:"imagePullPolicy,omitempty" protobuf:"bytes,14,opt,name=imagePullPolicy,casttype=PullPolicy"` 2332 // Security options the pod should run with. 2333 // More info: https://kubernetes.io/docs/concepts/policy/security-context/ 2334 // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ 2335 // +optional 2336 SecurityContext *SecurityContext `json:"securityContext,omitempty" protobuf:"bytes,15,opt,name=securityContext"` 2337 2338 // Variables for interactive containers, these have very specialized use-cases (e.g. debugging) 2339 // and shouldn't be used for general purpose containers. 2340 2341 // Whether this container should allocate a buffer for stdin in the container runtime. If this 2342 // is not set, reads from stdin in the container will always result in EOF. 2343 // Default is false. 2344 // +optional 2345 Stdin bool `json:"stdin,omitempty" protobuf:"varint,16,opt,name=stdin"` 2346 // Whether the container runtime should close the stdin channel after it has been opened by 2347 // a single attach. When stdin is true the stdin stream will remain open across multiple attach 2348 // sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the 2349 // first client attaches to stdin, and then remains open and accepts data until the client disconnects, 2350 // at which time stdin is closed and remains closed until the container is restarted. If this 2351 // flag is false, a container processes that reads from stdin will never receive an EOF. 2352 // Default is false 2353 // +optional 2354 StdinOnce bool `json:"stdinOnce,omitempty" protobuf:"varint,17,opt,name=stdinOnce"` 2355 // Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. 2356 // Default is false. 2357 // +optional 2358 TTY bool `json:"tty,omitempty" protobuf:"varint,18,opt,name=tty"` 2359} 2360 2361// Handler defines a specific action that should be taken 2362// TODO: pass structured data to these actions, and document that data here. 2363type Handler struct { 2364 // One and only one of the following should be specified. 2365 // Exec specifies the action to take. 2366 // +optional 2367 Exec *ExecAction `json:"exec,omitempty" protobuf:"bytes,1,opt,name=exec"` 2368 // HTTPGet specifies the http request to perform. 2369 // +optional 2370 HTTPGet *HTTPGetAction `json:"httpGet,omitempty" protobuf:"bytes,2,opt,name=httpGet"` 2371 // TCPSocket specifies an action involving a TCP port. 2372 // TCP hooks not yet supported 2373 // TODO: implement a realistic TCP lifecycle hook 2374 // +optional 2375 TCPSocket *TCPSocketAction `json:"tcpSocket,omitempty" protobuf:"bytes,3,opt,name=tcpSocket"` 2376} 2377 2378// Lifecycle describes actions that the management system should take in response to container lifecycle 2379// events. For the PostStart and PreStop lifecycle handlers, management of the container blocks 2380// until the action is complete, unless the container process fails, in which case the handler is aborted. 2381type Lifecycle struct { 2382 // PostStart is called immediately after a container is created. If the handler fails, 2383 // the container is terminated and restarted according to its restart policy. 2384 // Other management of the container blocks until the hook completes. 2385 // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks 2386 // +optional 2387 PostStart *Handler `json:"postStart,omitempty" protobuf:"bytes,1,opt,name=postStart"` 2388 // PreStop is called immediately before a container is terminated due to an 2389 // API request or management event such as liveness/startup probe failure, 2390 // preemption, resource contention, etc. The handler is not called if the 2391 // container crashes or exits. The reason for termination is passed to the 2392 // handler. The Pod's termination grace period countdown begins before the 2393 // PreStop hooked is executed. Regardless of the outcome of the handler, the 2394 // container will eventually terminate within the Pod's termination grace 2395 // period. Other management of the container blocks until the hook completes 2396 // or until the termination grace period is reached. 2397 // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks 2398 // +optional 2399 PreStop *Handler `json:"preStop,omitempty" protobuf:"bytes,2,opt,name=preStop"` 2400} 2401 2402type ConditionStatus string 2403 2404// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. 2405// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes 2406// can't decide if a resource is in the condition or not. In the future, we could add other 2407// intermediate conditions, e.g. ConditionDegraded. 2408const ( 2409 ConditionTrue ConditionStatus = "True" 2410 ConditionFalse ConditionStatus = "False" 2411 ConditionUnknown ConditionStatus = "Unknown" 2412) 2413 2414// ContainerStateWaiting is a waiting state of a container. 2415type ContainerStateWaiting struct { 2416 // (brief) reason the container is not yet running. 2417 // +optional 2418 Reason string `json:"reason,omitempty" protobuf:"bytes,1,opt,name=reason"` 2419 // Message regarding why the container is not yet running. 2420 // +optional 2421 Message string `json:"message,omitempty" protobuf:"bytes,2,opt,name=message"` 2422} 2423 2424// ContainerStateRunning is a running state of a container. 2425type ContainerStateRunning struct { 2426 // Time at which the container was last (re-)started 2427 // +optional 2428 StartedAt metav1.Time `json:"startedAt,omitempty" protobuf:"bytes,1,opt,name=startedAt"` 2429} 2430 2431// ContainerStateTerminated is a terminated state of a container. 2432type ContainerStateTerminated struct { 2433 // Exit status from the last termination of the container 2434 ExitCode int32 `json:"exitCode" protobuf:"varint,1,opt,name=exitCode"` 2435 // Signal from the last termination of the container 2436 // +optional 2437 Signal int32 `json:"signal,omitempty" protobuf:"varint,2,opt,name=signal"` 2438 // (brief) reason from the last termination of the container 2439 // +optional 2440 Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` 2441 // Message regarding the last termination of the container 2442 // +optional 2443 Message string `json:"message,omitempty" protobuf:"bytes,4,opt,name=message"` 2444 // Time at which previous execution of the container started 2445 // +optional 2446 StartedAt metav1.Time `json:"startedAt,omitempty" protobuf:"bytes,5,opt,name=startedAt"` 2447 // Time at which the container last terminated 2448 // +optional 2449 FinishedAt metav1.Time `json:"finishedAt,omitempty" protobuf:"bytes,6,opt,name=finishedAt"` 2450 // Container's ID in the format 'docker://<container_id>' 2451 // +optional 2452 ContainerID string `json:"containerID,omitempty" protobuf:"bytes,7,opt,name=containerID"` 2453} 2454 2455// ContainerState holds a possible state of container. 2456// Only one of its members may be specified. 2457// If none of them is specified, the default one is ContainerStateWaiting. 2458type ContainerState struct { 2459 // Details about a waiting container 2460 // +optional 2461 Waiting *ContainerStateWaiting `json:"waiting,omitempty" protobuf:"bytes,1,opt,name=waiting"` 2462 // Details about a running container 2463 // +optional 2464 Running *ContainerStateRunning `json:"running,omitempty" protobuf:"bytes,2,opt,name=running"` 2465 // Details about a terminated container 2466 // +optional 2467 Terminated *ContainerStateTerminated `json:"terminated,omitempty" protobuf:"bytes,3,opt,name=terminated"` 2468} 2469 2470// ContainerStatus contains details for the current status of this container. 2471type ContainerStatus struct { 2472 // This must be a DNS_LABEL. Each container in a pod must have a unique name. 2473 // Cannot be updated. 2474 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 2475 // Details about the container's current condition. 2476 // +optional 2477 State ContainerState `json:"state,omitempty" protobuf:"bytes,2,opt,name=state"` 2478 // Details about the container's last termination condition. 2479 // +optional 2480 LastTerminationState ContainerState `json:"lastState,omitempty" protobuf:"bytes,3,opt,name=lastState"` 2481 // Specifies whether the container has passed its readiness probe. 2482 Ready bool `json:"ready" protobuf:"varint,4,opt,name=ready"` 2483 // The number of times the container has been restarted, currently based on 2484 // the number of dead containers that have not yet been removed. 2485 // Note that this is calculated from dead containers. But those containers are subject to 2486 // garbage collection. This value will get capped at 5 by GC. 2487 RestartCount int32 `json:"restartCount" protobuf:"varint,5,opt,name=restartCount"` 2488 // The image the container is running. 2489 // More info: https://kubernetes.io/docs/concepts/containers/images 2490 // TODO(dchen1107): Which image the container is running with? 2491 Image string `json:"image" protobuf:"bytes,6,opt,name=image"` 2492 // ImageID of the container's image. 2493 ImageID string `json:"imageID" protobuf:"bytes,7,opt,name=imageID"` 2494 // Container's ID in the format 'docker://<container_id>'. 2495 // +optional 2496 ContainerID string `json:"containerID,omitempty" protobuf:"bytes,8,opt,name=containerID"` 2497 // Specifies whether the container has passed its startup probe. 2498 // Initialized as false, becomes true after startupProbe is considered successful. 2499 // Resets to false when the container is restarted, or if kubelet loses state temporarily. 2500 // Is always true when no startupProbe is defined. 2501 // +optional 2502 Started *bool `json:"started,omitempty" protobuf:"varint,9,opt,name=started"` 2503} 2504 2505// PodPhase is a label for the condition of a pod at the current time. 2506type PodPhase string 2507 2508// These are the valid statuses of pods. 2509const ( 2510 // PodPending means the pod has been accepted by the system, but one or more of the containers 2511 // has not been started. This includes time before being bound to a node, as well as time spent 2512 // pulling images onto the host. 2513 PodPending PodPhase = "Pending" 2514 // PodRunning means the pod has been bound to a node and all of the containers have been started. 2515 // At least one container is still running or is in the process of being restarted. 2516 PodRunning PodPhase = "Running" 2517 // PodSucceeded means that all containers in the pod have voluntarily terminated 2518 // with a container exit code of 0, and the system is not going to restart any of these containers. 2519 PodSucceeded PodPhase = "Succeeded" 2520 // PodFailed means that all containers in the pod have terminated, and at least one container has 2521 // terminated in a failure (exited with a non-zero exit code or was stopped by the system). 2522 PodFailed PodPhase = "Failed" 2523 // PodUnknown means that for some reason the state of the pod could not be obtained, typically due 2524 // to an error in communicating with the host of the pod. 2525 PodUnknown PodPhase = "Unknown" 2526) 2527 2528// PodConditionType is a valid value for PodCondition.Type 2529type PodConditionType string 2530 2531// These are valid conditions of pod. 2532const ( 2533 // ContainersReady indicates whether all containers in the pod are ready. 2534 ContainersReady PodConditionType = "ContainersReady" 2535 // PodInitialized means that all init containers in the pod have started successfully. 2536 PodInitialized PodConditionType = "Initialized" 2537 // PodReady means the pod is able to service requests and should be added to the 2538 // load balancing pools of all matching services. 2539 PodReady PodConditionType = "Ready" 2540 // PodScheduled represents status of the scheduling process for this pod. 2541 PodScheduled PodConditionType = "PodScheduled" 2542) 2543 2544// These are reasons for a pod's transition to a condition. 2545const ( 2546 // PodReasonUnschedulable reason in PodScheduled PodCondition means that the scheduler 2547 // can't schedule the pod right now, for example due to insufficient resources in the cluster. 2548 PodReasonUnschedulable = "Unschedulable" 2549) 2550 2551// PodCondition contains details for the current condition of this pod. 2552type PodCondition struct { 2553 // Type is the type of the condition. 2554 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions 2555 Type PodConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=PodConditionType"` 2556 // Status is the status of the condition. 2557 // Can be True, False, Unknown. 2558 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions 2559 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 2560 // Last time we probed the condition. 2561 // +optional 2562 LastProbeTime metav1.Time `json:"lastProbeTime,omitempty" protobuf:"bytes,3,opt,name=lastProbeTime"` 2563 // Last time the condition transitioned from one status to another. 2564 // +optional 2565 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"` 2566 // Unique, one-word, CamelCase reason for the condition's last transition. 2567 // +optional 2568 Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"` 2569 // Human-readable message indicating details about last transition. 2570 // +optional 2571 Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"` 2572} 2573 2574// RestartPolicy describes how the container should be restarted. 2575// Only one of the following restart policies may be specified. 2576// If none of the following policies is specified, the default one 2577// is RestartPolicyAlways. 2578type RestartPolicy string 2579 2580const ( 2581 RestartPolicyAlways RestartPolicy = "Always" 2582 RestartPolicyOnFailure RestartPolicy = "OnFailure" 2583 RestartPolicyNever RestartPolicy = "Never" 2584) 2585 2586// DNSPolicy defines how a pod's DNS will be configured. 2587type DNSPolicy string 2588 2589const ( 2590 // DNSClusterFirstWithHostNet indicates that the pod should use cluster DNS 2591 // first, if it is available, then fall back on the default 2592 // (as determined by kubelet) DNS settings. 2593 DNSClusterFirstWithHostNet DNSPolicy = "ClusterFirstWithHostNet" 2594 2595 // DNSClusterFirst indicates that the pod should use cluster DNS 2596 // first unless hostNetwork is true, if it is available, then 2597 // fall back on the default (as determined by kubelet) DNS settings. 2598 DNSClusterFirst DNSPolicy = "ClusterFirst" 2599 2600 // DNSDefault indicates that the pod should use the default (as 2601 // determined by kubelet) DNS settings. 2602 DNSDefault DNSPolicy = "Default" 2603 2604 // DNSNone indicates that the pod should use empty DNS settings. DNS 2605 // parameters such as nameservers and search paths should be defined via 2606 // DNSConfig. 2607 DNSNone DNSPolicy = "None" 2608) 2609 2610const ( 2611 // DefaultTerminationGracePeriodSeconds indicates the default duration in 2612 // seconds a pod needs to terminate gracefully. 2613 DefaultTerminationGracePeriodSeconds = 30 2614) 2615 2616// A node selector represents the union of the results of one or more label queries 2617// over a set of nodes; that is, it represents the OR of the selectors represented 2618// by the node selector terms. 2619type NodeSelector struct { 2620 //Required. A list of node selector terms. The terms are ORed. 2621 NodeSelectorTerms []NodeSelectorTerm `json:"nodeSelectorTerms" protobuf:"bytes,1,rep,name=nodeSelectorTerms"` 2622} 2623 2624// A null or empty node selector term matches no objects. The requirements of 2625// them are ANDed. 2626// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. 2627type NodeSelectorTerm struct { 2628 // A list of node selector requirements by node's labels. 2629 // +optional 2630 MatchExpressions []NodeSelectorRequirement `json:"matchExpressions,omitempty" protobuf:"bytes,1,rep,name=matchExpressions"` 2631 // A list of node selector requirements by node's fields. 2632 // +optional 2633 MatchFields []NodeSelectorRequirement `json:"matchFields,omitempty" protobuf:"bytes,2,rep,name=matchFields"` 2634} 2635 2636// A node selector requirement is a selector that contains values, a key, and an operator 2637// that relates the key and values. 2638type NodeSelectorRequirement struct { 2639 // The label key that the selector applies to. 2640 Key string `json:"key" protobuf:"bytes,1,opt,name=key"` 2641 // Represents a key's relationship to a set of values. 2642 // Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. 2643 Operator NodeSelectorOperator `json:"operator" protobuf:"bytes,2,opt,name=operator,casttype=NodeSelectorOperator"` 2644 // An array of string values. If the operator is In or NotIn, 2645 // the values array must be non-empty. If the operator is Exists or DoesNotExist, 2646 // the values array must be empty. If the operator is Gt or Lt, the values 2647 // array must have a single element, which will be interpreted as an integer. 2648 // This array is replaced during a strategic merge patch. 2649 // +optional 2650 Values []string `json:"values,omitempty" protobuf:"bytes,3,rep,name=values"` 2651} 2652 2653// A node selector operator is the set of operators that can be used in 2654// a node selector requirement. 2655type NodeSelectorOperator string 2656 2657const ( 2658 NodeSelectorOpIn NodeSelectorOperator = "In" 2659 NodeSelectorOpNotIn NodeSelectorOperator = "NotIn" 2660 NodeSelectorOpExists NodeSelectorOperator = "Exists" 2661 NodeSelectorOpDoesNotExist NodeSelectorOperator = "DoesNotExist" 2662 NodeSelectorOpGt NodeSelectorOperator = "Gt" 2663 NodeSelectorOpLt NodeSelectorOperator = "Lt" 2664) 2665 2666// A topology selector term represents the result of label queries. 2667// A null or empty topology selector term matches no objects. 2668// The requirements of them are ANDed. 2669// It provides a subset of functionality as NodeSelectorTerm. 2670// This is an alpha feature and may change in the future. 2671type TopologySelectorTerm struct { 2672 // A list of topology selector requirements by labels. 2673 // +optional 2674 MatchLabelExpressions []TopologySelectorLabelRequirement `json:"matchLabelExpressions,omitempty" protobuf:"bytes,1,rep,name=matchLabelExpressions"` 2675} 2676 2677// A topology selector requirement is a selector that matches given label. 2678// This is an alpha feature and may change in the future. 2679type TopologySelectorLabelRequirement struct { 2680 // The label key that the selector applies to. 2681 Key string `json:"key" protobuf:"bytes,1,opt,name=key"` 2682 // An array of string values. One value must match the label to be selected. 2683 // Each entry in Values is ORed. 2684 Values []string `json:"values" protobuf:"bytes,2,rep,name=values"` 2685} 2686 2687// Affinity is a group of affinity scheduling rules. 2688type Affinity struct { 2689 // Describes node affinity scheduling rules for the pod. 2690 // +optional 2691 NodeAffinity *NodeAffinity `json:"nodeAffinity,omitempty" protobuf:"bytes,1,opt,name=nodeAffinity"` 2692 // Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). 2693 // +optional 2694 PodAffinity *PodAffinity `json:"podAffinity,omitempty" protobuf:"bytes,2,opt,name=podAffinity"` 2695 // Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). 2696 // +optional 2697 PodAntiAffinity *PodAntiAffinity `json:"podAntiAffinity,omitempty" protobuf:"bytes,3,opt,name=podAntiAffinity"` 2698} 2699 2700// Pod affinity is a group of inter pod affinity scheduling rules. 2701type PodAffinity struct { 2702 // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. 2703 // If the affinity requirements specified by this field are not met at 2704 // scheduling time, the pod will not be scheduled onto the node. 2705 // If the affinity requirements specified by this field cease to be met 2706 // at some point during pod execution (e.g. due to a pod label update), the 2707 // system will try to eventually evict the pod from its node. 2708 // When there are multiple elements, the lists of nodes corresponding to each 2709 // podAffinityTerm are intersected, i.e. all terms must be satisfied. 2710 // +optional 2711 // RequiredDuringSchedulingRequiredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingRequiredDuringExecution,omitempty"` 2712 2713 // If the affinity requirements specified by this field are not met at 2714 // scheduling time, the pod will not be scheduled onto the node. 2715 // If the affinity requirements specified by this field cease to be met 2716 // at some point during pod execution (e.g. due to a pod label update), the 2717 // system may or may not try to eventually evict the pod from its node. 2718 // When there are multiple elements, the lists of nodes corresponding to each 2719 // podAffinityTerm are intersected, i.e. all terms must be satisfied. 2720 // +optional 2721 RequiredDuringSchedulingIgnoredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,1,rep,name=requiredDuringSchedulingIgnoredDuringExecution"` 2722 // The scheduler will prefer to schedule pods to nodes that satisfy 2723 // the affinity expressions specified by this field, but it may choose 2724 // a node that violates one or more of the expressions. The node that is 2725 // most preferred is the one with the greatest sum of weights, i.e. 2726 // for each node that meets all of the scheduling requirements (resource 2727 // request, requiredDuringScheduling affinity expressions, etc.), 2728 // compute a sum by iterating through the elements of this field and adding 2729 // "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the 2730 // node(s) with the highest sum are the most preferred. 2731 // +optional 2732 PreferredDuringSchedulingIgnoredDuringExecution []WeightedPodAffinityTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"` 2733} 2734 2735// Pod anti affinity is a group of inter pod anti affinity scheduling rules. 2736type PodAntiAffinity struct { 2737 // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. 2738 // If the anti-affinity requirements specified by this field are not met at 2739 // scheduling time, the pod will not be scheduled onto the node. 2740 // If the anti-affinity requirements specified by this field cease to be met 2741 // at some point during pod execution (e.g. due to a pod label update), the 2742 // system will try to eventually evict the pod from its node. 2743 // When there are multiple elements, the lists of nodes corresponding to each 2744 // podAffinityTerm are intersected, i.e. all terms must be satisfied. 2745 // +optional 2746 // RequiredDuringSchedulingRequiredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingRequiredDuringExecution,omitempty"` 2747 2748 // If the anti-affinity requirements specified by this field are not met at 2749 // scheduling time, the pod will not be scheduled onto the node. 2750 // If the anti-affinity requirements specified by this field cease to be met 2751 // at some point during pod execution (e.g. due to a pod label update), the 2752 // system may or may not try to eventually evict the pod from its node. 2753 // When there are multiple elements, the lists of nodes corresponding to each 2754 // podAffinityTerm are intersected, i.e. all terms must be satisfied. 2755 // +optional 2756 RequiredDuringSchedulingIgnoredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,1,rep,name=requiredDuringSchedulingIgnoredDuringExecution"` 2757 // The scheduler will prefer to schedule pods to nodes that satisfy 2758 // the anti-affinity expressions specified by this field, but it may choose 2759 // a node that violates one or more of the expressions. The node that is 2760 // most preferred is the one with the greatest sum of weights, i.e. 2761 // for each node that meets all of the scheduling requirements (resource 2762 // request, requiredDuringScheduling anti-affinity expressions, etc.), 2763 // compute a sum by iterating through the elements of this field and adding 2764 // "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the 2765 // node(s) with the highest sum are the most preferred. 2766 // +optional 2767 PreferredDuringSchedulingIgnoredDuringExecution []WeightedPodAffinityTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"` 2768} 2769 2770// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) 2771type WeightedPodAffinityTerm struct { 2772 // weight associated with matching the corresponding podAffinityTerm, 2773 // in the range 1-100. 2774 Weight int32 `json:"weight" protobuf:"varint,1,opt,name=weight"` 2775 // Required. A pod affinity term, associated with the corresponding weight. 2776 PodAffinityTerm PodAffinityTerm `json:"podAffinityTerm" protobuf:"bytes,2,opt,name=podAffinityTerm"` 2777} 2778 2779// Defines a set of pods (namely those matching the labelSelector 2780// relative to the given namespace(s)) that this pod should be 2781// co-located (affinity) or not co-located (anti-affinity) with, 2782// where co-located is defined as running on a node whose value of 2783// the label with key <topologyKey> matches that of any node on which 2784// a pod of the set of pods is running 2785type PodAffinityTerm struct { 2786 // A label query over a set of resources, in this case pods. 2787 // +optional 2788 LabelSelector *metav1.LabelSelector `json:"labelSelector,omitempty" protobuf:"bytes,1,opt,name=labelSelector"` 2789 // namespaces specifies a static list of namespace names that the term applies to. 2790 // The term is applied to the union of the namespaces listed in this field 2791 // and the ones selected by namespaceSelector. 2792 // null or empty namespaces list and null namespaceSelector means "this pod's namespace" 2793 // +optional 2794 Namespaces []string `json:"namespaces,omitempty" protobuf:"bytes,2,rep,name=namespaces"` 2795 // This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching 2796 // the labelSelector in the specified namespaces, where co-located is defined as running on a node 2797 // whose value of the label with key topologyKey matches that of any node on which any of the 2798 // selected pods is running. 2799 // Empty topologyKey is not allowed. 2800 TopologyKey string `json:"topologyKey" protobuf:"bytes,3,opt,name=topologyKey"` 2801 // A label query over the set of namespaces that the term applies to. 2802 // The term is applied to the union of the namespaces selected by this field 2803 // and the ones listed in the namespaces field. 2804 // null selector and null or empty namespaces list means "this pod's namespace". 2805 // An empty selector ({}) matches all namespaces. 2806 // This field is alpha-level and is only honored when PodAffinityNamespaceSelector feature is enabled. 2807 // +optional 2808 NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty" protobuf:"bytes,4,opt,name=namespaceSelector"` 2809} 2810 2811// Node affinity is a group of node affinity scheduling rules. 2812type NodeAffinity struct { 2813 // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. 2814 // If the affinity requirements specified by this field are not met at 2815 // scheduling time, the pod will not be scheduled onto the node. 2816 // If the affinity requirements specified by this field cease to be met 2817 // at some point during pod execution (e.g. due to an update), the system 2818 // will try to eventually evict the pod from its node. 2819 // +optional 2820 // RequiredDuringSchedulingRequiredDuringExecution *NodeSelector `json:"requiredDuringSchedulingRequiredDuringExecution,omitempty"` 2821 2822 // If the affinity requirements specified by this field are not met at 2823 // scheduling time, the pod will not be scheduled onto the node. 2824 // If the affinity requirements specified by this field cease to be met 2825 // at some point during pod execution (e.g. due to an update), the system 2826 // may or may not try to eventually evict the pod from its node. 2827 // +optional 2828 RequiredDuringSchedulingIgnoredDuringExecution *NodeSelector `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,1,opt,name=requiredDuringSchedulingIgnoredDuringExecution"` 2829 // The scheduler will prefer to schedule pods to nodes that satisfy 2830 // the affinity expressions specified by this field, but it may choose 2831 // a node that violates one or more of the expressions. The node that is 2832 // most preferred is the one with the greatest sum of weights, i.e. 2833 // for each node that meets all of the scheduling requirements (resource 2834 // request, requiredDuringScheduling affinity expressions, etc.), 2835 // compute a sum by iterating through the elements of this field and adding 2836 // "weight" to the sum if the node matches the corresponding matchExpressions; the 2837 // node(s) with the highest sum are the most preferred. 2838 // +optional 2839 PreferredDuringSchedulingIgnoredDuringExecution []PreferredSchedulingTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"` 2840} 2841 2842// An empty preferred scheduling term matches all objects with implicit weight 0 2843// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). 2844type PreferredSchedulingTerm struct { 2845 // Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. 2846 Weight int32 `json:"weight" protobuf:"varint,1,opt,name=weight"` 2847 // A node selector term, associated with the corresponding weight. 2848 Preference NodeSelectorTerm `json:"preference" protobuf:"bytes,2,opt,name=preference"` 2849} 2850 2851// The node this Taint is attached to has the "effect" on 2852// any pod that does not tolerate the Taint. 2853type Taint struct { 2854 // Required. The taint key to be applied to a node. 2855 Key string `json:"key" protobuf:"bytes,1,opt,name=key"` 2856 // The taint value corresponding to the taint key. 2857 // +optional 2858 Value string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"` 2859 // Required. The effect of the taint on pods 2860 // that do not tolerate the taint. 2861 // Valid effects are NoSchedule, PreferNoSchedule and NoExecute. 2862 Effect TaintEffect `json:"effect" protobuf:"bytes,3,opt,name=effect,casttype=TaintEffect"` 2863 // TimeAdded represents the time at which the taint was added. 2864 // It is only written for NoExecute taints. 2865 // +optional 2866 TimeAdded *metav1.Time `json:"timeAdded,omitempty" protobuf:"bytes,4,opt,name=timeAdded"` 2867} 2868 2869type TaintEffect string 2870 2871const ( 2872 // Do not allow new pods to schedule onto the node unless they tolerate the taint, 2873 // but allow all pods submitted to Kubelet without going through the scheduler 2874 // to start, and allow all already-running pods to continue running. 2875 // Enforced by the scheduler. 2876 TaintEffectNoSchedule TaintEffect = "NoSchedule" 2877 // Like TaintEffectNoSchedule, but the scheduler tries not to schedule 2878 // new pods onto the node, rather than prohibiting new pods from scheduling 2879 // onto the node entirely. Enforced by the scheduler. 2880 TaintEffectPreferNoSchedule TaintEffect = "PreferNoSchedule" 2881 // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. 2882 // Like TaintEffectNoSchedule, but additionally do not allow pods submitted to 2883 // Kubelet without going through the scheduler to start. 2884 // Enforced by Kubelet and the scheduler. 2885 // TaintEffectNoScheduleNoAdmit TaintEffect = "NoScheduleNoAdmit" 2886 2887 // Evict any already-running pods that do not tolerate the taint. 2888 // Currently enforced by NodeController. 2889 TaintEffectNoExecute TaintEffect = "NoExecute" 2890) 2891 2892// The pod this Toleration is attached to tolerates any taint that matches 2893// the triple <key,value,effect> using the matching operator <operator>. 2894type Toleration struct { 2895 // Key is the taint key that the toleration applies to. Empty means match all taint keys. 2896 // If the key is empty, operator must be Exists; this combination means to match all values and all keys. 2897 // +optional 2898 Key string `json:"key,omitempty" protobuf:"bytes,1,opt,name=key"` 2899 // Operator represents a key's relationship to the value. 2900 // Valid operators are Exists and Equal. Defaults to Equal. 2901 // Exists is equivalent to wildcard for value, so that a pod can 2902 // tolerate all taints of a particular category. 2903 // +optional 2904 Operator TolerationOperator `json:"operator,omitempty" protobuf:"bytes,2,opt,name=operator,casttype=TolerationOperator"` 2905 // Value is the taint value the toleration matches to. 2906 // If the operator is Exists, the value should be empty, otherwise just a regular string. 2907 // +optional 2908 Value string `json:"value,omitempty" protobuf:"bytes,3,opt,name=value"` 2909 // Effect indicates the taint effect to match. Empty means match all taint effects. 2910 // When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. 2911 // +optional 2912 Effect TaintEffect `json:"effect,omitempty" protobuf:"bytes,4,opt,name=effect,casttype=TaintEffect"` 2913 // TolerationSeconds represents the period of time the toleration (which must be 2914 // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, 2915 // it is not set, which means tolerate the taint forever (do not evict). Zero and 2916 // negative values will be treated as 0 (evict immediately) by the system. 2917 // +optional 2918 TolerationSeconds *int64 `json:"tolerationSeconds,omitempty" protobuf:"varint,5,opt,name=tolerationSeconds"` 2919} 2920 2921// A toleration operator is the set of operators that can be used in a toleration. 2922type TolerationOperator string 2923 2924const ( 2925 TolerationOpExists TolerationOperator = "Exists" 2926 TolerationOpEqual TolerationOperator = "Equal" 2927) 2928 2929// PodReadinessGate contains the reference to a pod condition 2930type PodReadinessGate struct { 2931 // ConditionType refers to a condition in the pod's condition list with matching type. 2932 ConditionType PodConditionType `json:"conditionType" protobuf:"bytes,1,opt,name=conditionType,casttype=PodConditionType"` 2933} 2934 2935// PodSpec is a description of a pod. 2936type PodSpec struct { 2937 // List of volumes that can be mounted by containers belonging to the pod. 2938 // More info: https://kubernetes.io/docs/concepts/storage/volumes 2939 // +optional 2940 // +patchMergeKey=name 2941 // +patchStrategy=merge,retainKeys 2942 Volumes []Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"` 2943 // List of initialization containers belonging to the pod. 2944 // Init containers are executed in order prior to containers being started. If any 2945 // init container fails, the pod is considered to have failed and is handled according 2946 // to its restartPolicy. The name for an init container or normal container must be 2947 // unique among all containers. 2948 // Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. 2949 // The resourceRequirements of an init container are taken into account during scheduling 2950 // by finding the highest request/limit for each resource type, and then using the max of 2951 // of that value or the sum of the normal containers. Limits are applied to init containers 2952 // in a similar fashion. 2953 // Init containers cannot currently be added or removed. 2954 // Cannot be updated. 2955 // More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 2956 // +patchMergeKey=name 2957 // +patchStrategy=merge 2958 InitContainers []Container `json:"initContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,20,rep,name=initContainers"` 2959 // List of containers belonging to the pod. 2960 // Containers cannot currently be added or removed. 2961 // There must be at least one container in a Pod. 2962 // Cannot be updated. 2963 // +patchMergeKey=name 2964 // +patchStrategy=merge 2965 Containers []Container `json:"containers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=containers"` 2966 // List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing 2967 // pod to perform user-initiated actions such as debugging. This list cannot be specified when 2968 // creating a pod, and it cannot be modified by updating the pod spec. In order to add an 2969 // ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. 2970 // This field is alpha-level and is only honored by servers that enable the EphemeralContainers feature. 2971 // +optional 2972 // +patchMergeKey=name 2973 // +patchStrategy=merge 2974 EphemeralContainers []EphemeralContainer `json:"ephemeralContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,34,rep,name=ephemeralContainers"` 2975 // Restart policy for all containers within the pod. 2976 // One of Always, OnFailure, Never. 2977 // Default to Always. 2978 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy 2979 // +optional 2980 RestartPolicy RestartPolicy `json:"restartPolicy,omitempty" protobuf:"bytes,3,opt,name=restartPolicy,casttype=RestartPolicy"` 2981 // Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. 2982 // Value must be non-negative integer. The value zero indicates stop immediately via 2983 // the kill signal (no opportunity to shut down). 2984 // If this value is nil, the default grace period will be used instead. 2985 // The grace period is the duration in seconds after the processes running in the pod are sent 2986 // a termination signal and the time when the processes are forcibly halted with a kill signal. 2987 // Set this value longer than the expected cleanup time for your process. 2988 // Defaults to 30 seconds. 2989 // +optional 2990 TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty" protobuf:"varint,4,opt,name=terminationGracePeriodSeconds"` 2991 // Optional duration in seconds the pod may be active on the node relative to 2992 // StartTime before the system will actively try to mark it failed and kill associated containers. 2993 // Value must be a positive integer. 2994 // +optional 2995 ActiveDeadlineSeconds *int64 `json:"activeDeadlineSeconds,omitempty" protobuf:"varint,5,opt,name=activeDeadlineSeconds"` 2996 // Set DNS policy for the pod. 2997 // Defaults to "ClusterFirst". 2998 // Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. 2999 // DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. 3000 // To have DNS options set along with hostNetwork, you have to specify DNS policy 3001 // explicitly to 'ClusterFirstWithHostNet'. 3002 // +optional 3003 DNSPolicy DNSPolicy `json:"dnsPolicy,omitempty" protobuf:"bytes,6,opt,name=dnsPolicy,casttype=DNSPolicy"` 3004 // NodeSelector is a selector which must be true for the pod to fit on a node. 3005 // Selector which must match a node's labels for the pod to be scheduled on that node. 3006 // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ 3007 // +optional 3008 NodeSelector map[string]string `json:"nodeSelector,omitempty" protobuf:"bytes,7,rep,name=nodeSelector"` 3009 3010 // ServiceAccountName is the name of the ServiceAccount to use to run this pod. 3011 // More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ 3012 // +optional 3013 ServiceAccountName string `json:"serviceAccountName,omitempty" protobuf:"bytes,8,opt,name=serviceAccountName"` 3014 // DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. 3015 // Deprecated: Use serviceAccountName instead. 3016 // +k8s:conversion-gen=false 3017 // +optional 3018 DeprecatedServiceAccount string `json:"serviceAccount,omitempty" protobuf:"bytes,9,opt,name=serviceAccount"` 3019 // AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. 3020 // +optional 3021 AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty" protobuf:"varint,21,opt,name=automountServiceAccountToken"` 3022 3023 // NodeName is a request to schedule this pod onto a specific node. If it is non-empty, 3024 // the scheduler simply schedules this pod onto that node, assuming that it fits resource 3025 // requirements. 3026 // +optional 3027 NodeName string `json:"nodeName,omitempty" protobuf:"bytes,10,opt,name=nodeName"` 3028 // Host networking requested for this pod. Use the host's network namespace. 3029 // If this option is set, the ports that will be used must be specified. 3030 // Default to false. 3031 // +k8s:conversion-gen=false 3032 // +optional 3033 HostNetwork bool `json:"hostNetwork,omitempty" protobuf:"varint,11,opt,name=hostNetwork"` 3034 // Use the host's pid namespace. 3035 // Optional: Default to false. 3036 // +k8s:conversion-gen=false 3037 // +optional 3038 HostPID bool `json:"hostPID,omitempty" protobuf:"varint,12,opt,name=hostPID"` 3039 // Use the host's ipc namespace. 3040 // Optional: Default to false. 3041 // +k8s:conversion-gen=false 3042 // +optional 3043 HostIPC bool `json:"hostIPC,omitempty" protobuf:"varint,13,opt,name=hostIPC"` 3044 // Share a single process namespace between all of the containers in a pod. 3045 // When this is set containers will be able to view and signal processes from other containers 3046 // in the same pod, and the first process in each container will not be assigned PID 1. 3047 // HostPID and ShareProcessNamespace cannot both be set. 3048 // Optional: Default to false. 3049 // +k8s:conversion-gen=false 3050 // +optional 3051 ShareProcessNamespace *bool `json:"shareProcessNamespace,omitempty" protobuf:"varint,27,opt,name=shareProcessNamespace"` 3052 // SecurityContext holds pod-level security attributes and common container settings. 3053 // Optional: Defaults to empty. See type description for default values of each field. 3054 // +optional 3055 SecurityContext *PodSecurityContext `json:"securityContext,omitempty" protobuf:"bytes,14,opt,name=securityContext"` 3056 // ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. 3057 // If specified, these secrets will be passed to individual puller implementations for them to use. For example, 3058 // in the case of docker, only DockerConfig type secrets are honored. 3059 // More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod 3060 // +optional 3061 // +patchMergeKey=name 3062 // +patchStrategy=merge 3063 ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,15,rep,name=imagePullSecrets"` 3064 // Specifies the hostname of the Pod 3065 // If not specified, the pod's hostname will be set to a system-defined value. 3066 // +optional 3067 Hostname string `json:"hostname,omitempty" protobuf:"bytes,16,opt,name=hostname"` 3068 // If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>". 3069 // If not specified, the pod will not have a domainname at all. 3070 // +optional 3071 Subdomain string `json:"subdomain,omitempty" protobuf:"bytes,17,opt,name=subdomain"` 3072 // If specified, the pod's scheduling constraints 3073 // +optional 3074 Affinity *Affinity `json:"affinity,omitempty" protobuf:"bytes,18,opt,name=affinity"` 3075 // If specified, the pod will be dispatched by specified scheduler. 3076 // If not specified, the pod will be dispatched by default scheduler. 3077 // +optional 3078 SchedulerName string `json:"schedulerName,omitempty" protobuf:"bytes,19,opt,name=schedulerName"` 3079 // If specified, the pod's tolerations. 3080 // +optional 3081 Tolerations []Toleration `json:"tolerations,omitempty" protobuf:"bytes,22,opt,name=tolerations"` 3082 // HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts 3083 // file if specified. This is only valid for non-hostNetwork pods. 3084 // +optional 3085 // +patchMergeKey=ip 3086 // +patchStrategy=merge 3087 HostAliases []HostAlias `json:"hostAliases,omitempty" patchStrategy:"merge" patchMergeKey:"ip" protobuf:"bytes,23,rep,name=hostAliases"` 3088 // If specified, indicates the pod's priority. "system-node-critical" and 3089 // "system-cluster-critical" are two special keywords which indicate the 3090 // highest priorities with the former being the highest priority. Any other 3091 // name must be defined by creating a PriorityClass object with that name. 3092 // If not specified, the pod priority will be default or zero if there is no 3093 // default. 3094 // +optional 3095 PriorityClassName string `json:"priorityClassName,omitempty" protobuf:"bytes,24,opt,name=priorityClassName"` 3096 // The priority value. Various system components use this field to find the 3097 // priority of the pod. When Priority Admission Controller is enabled, it 3098 // prevents users from setting this field. The admission controller populates 3099 // this field from PriorityClassName. 3100 // The higher the value, the higher the priority. 3101 // +optional 3102 Priority *int32 `json:"priority,omitempty" protobuf:"bytes,25,opt,name=priority"` 3103 // Specifies the DNS parameters of a pod. 3104 // Parameters specified here will be merged to the generated DNS 3105 // configuration based on DNSPolicy. 3106 // +optional 3107 DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty" protobuf:"bytes,26,opt,name=dnsConfig"` 3108 // If specified, all readiness gates will be evaluated for pod readiness. 3109 // A pod is ready when all its containers are ready AND 3110 // all conditions specified in the readiness gates have status equal to "True" 3111 // More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md 3112 // +optional 3113 ReadinessGates []PodReadinessGate `json:"readinessGates,omitempty" protobuf:"bytes,28,opt,name=readinessGates"` 3114 // RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used 3115 // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. 3116 // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an 3117 // empty definition that uses the default runtime handler. 3118 // More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md 3119 // This is a beta feature as of Kubernetes v1.14. 3120 // +optional 3121 RuntimeClassName *string `json:"runtimeClassName,omitempty" protobuf:"bytes,29,opt,name=runtimeClassName"` 3122 // EnableServiceLinks indicates whether information about services should be injected into pod's 3123 // environment variables, matching the syntax of Docker links. 3124 // Optional: Defaults to true. 3125 // +optional 3126 EnableServiceLinks *bool `json:"enableServiceLinks,omitempty" protobuf:"varint,30,opt,name=enableServiceLinks"` 3127 // PreemptionPolicy is the Policy for preempting pods with lower priority. 3128 // One of Never, PreemptLowerPriority. 3129 // Defaults to PreemptLowerPriority if unset. 3130 // This field is beta-level, gated by the NonPreemptingPriority feature-gate. 3131 // +optional 3132 PreemptionPolicy *PreemptionPolicy `json:"preemptionPolicy,omitempty" protobuf:"bytes,31,opt,name=preemptionPolicy"` 3133 // Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. 3134 // This field will be autopopulated at admission time by the RuntimeClass admission controller. If 3135 // the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. 3136 // The RuntimeClass admission controller will reject Pod create requests which have the overhead already 3137 // set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value 3138 // defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. 3139 // More info: https://git.k8s.io/enhancements/keps/sig-node/20190226-pod-overhead.md 3140 // This field is alpha-level as of Kubernetes v1.16, and is only honored by servers that enable the PodOverhead feature. 3141 // +optional 3142 Overhead ResourceList `json:"overhead,omitempty" protobuf:"bytes,32,opt,name=overhead"` 3143 // TopologySpreadConstraints describes how a group of pods ought to spread across topology 3144 // domains. Scheduler will schedule pods in a way which abides by the constraints. 3145 // All topologySpreadConstraints are ANDed. 3146 // +optional 3147 // +patchMergeKey=topologyKey 3148 // +patchStrategy=merge 3149 // +listType=map 3150 // +listMapKey=topologyKey 3151 // +listMapKey=whenUnsatisfiable 3152 TopologySpreadConstraints []TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty" patchStrategy:"merge" patchMergeKey:"topologyKey" protobuf:"bytes,33,opt,name=topologySpreadConstraints"` 3153 // If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). 3154 // In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). 3155 // In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. 3156 // If a pod does not have FQDN, this has no effect. 3157 // Default to false. 3158 // +optional 3159 SetHostnameAsFQDN *bool `json:"setHostnameAsFQDN,omitempty" protobuf:"varint,35,opt,name=setHostnameAsFQDN"` 3160} 3161 3162type UnsatisfiableConstraintAction string 3163 3164const ( 3165 // DoNotSchedule instructs the scheduler not to schedule the pod 3166 // when constraints are not satisfied. 3167 DoNotSchedule UnsatisfiableConstraintAction = "DoNotSchedule" 3168 // ScheduleAnyway instructs the scheduler to schedule the pod 3169 // even if constraints are not satisfied. 3170 ScheduleAnyway UnsatisfiableConstraintAction = "ScheduleAnyway" 3171) 3172 3173// TopologySpreadConstraint specifies how to spread matching pods among the given topology. 3174type TopologySpreadConstraint struct { 3175 // MaxSkew describes the degree to which pods may be unevenly distributed. 3176 // When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference 3177 // between the number of matching pods in the target topology and the global minimum. 3178 // For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same 3179 // labelSelector spread as 1/1/0: 3180 // +-------+-------+-------+ 3181 // | zone1 | zone2 | zone3 | 3182 // +-------+-------+-------+ 3183 // | P | P | | 3184 // +-------+-------+-------+ 3185 // - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; 3186 // scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) 3187 // violate MaxSkew(1). 3188 // - if MaxSkew is 2, incoming pod can be scheduled onto any zone. 3189 // When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence 3190 // to topologies that satisfy it. 3191 // It's a required field. Default value is 1 and 0 is not allowed. 3192 MaxSkew int32 `json:"maxSkew" protobuf:"varint,1,opt,name=maxSkew"` 3193 // TopologyKey is the key of node labels. Nodes that have a label with this key 3194 // and identical values are considered to be in the same topology. 3195 // We consider each <key, value> as a "bucket", and try to put balanced number 3196 // of pods into each bucket. 3197 // It's a required field. 3198 TopologyKey string `json:"topologyKey" protobuf:"bytes,2,opt,name=topologyKey"` 3199 // WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy 3200 // the spread constraint. 3201 // - DoNotSchedule (default) tells the scheduler not to schedule it. 3202 // - ScheduleAnyway tells the scheduler to schedule the pod in any location, 3203 // but giving higher precedence to topologies that would help reduce the 3204 // skew. 3205 // A constraint is considered "Unsatisfiable" for an incoming pod 3206 // if and only if every possible node assigment for that pod would violate 3207 // "MaxSkew" on some topology. 3208 // For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same 3209 // labelSelector spread as 3/1/1: 3210 // +-------+-------+-------+ 3211 // | zone1 | zone2 | zone3 | 3212 // +-------+-------+-------+ 3213 // | P P P | P | P | 3214 // +-------+-------+-------+ 3215 // If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled 3216 // to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies 3217 // MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler 3218 // won't make it *more* imbalanced. 3219 // It's a required field. 3220 WhenUnsatisfiable UnsatisfiableConstraintAction `json:"whenUnsatisfiable" protobuf:"bytes,3,opt,name=whenUnsatisfiable,casttype=UnsatisfiableConstraintAction"` 3221 // LabelSelector is used to find matching pods. 3222 // Pods that match this label selector are counted to determine the number of pods 3223 // in their corresponding topology domain. 3224 // +optional 3225 LabelSelector *metav1.LabelSelector `json:"labelSelector,omitempty" protobuf:"bytes,4,opt,name=labelSelector"` 3226} 3227 3228const ( 3229 // The default value for enableServiceLinks attribute. 3230 DefaultEnableServiceLinks = true 3231) 3232 3233// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the 3234// pod's hosts file. 3235type HostAlias struct { 3236 // IP address of the host file entry. 3237 IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"` 3238 // Hostnames for the above IP address. 3239 Hostnames []string `json:"hostnames,omitempty" protobuf:"bytes,2,rep,name=hostnames"` 3240} 3241 3242// PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume 3243// when volume is mounted. 3244type PodFSGroupChangePolicy string 3245 3246const ( 3247 // FSGroupChangeOnRootMismatch indicates that volume's ownership and permissions will be changed 3248 // only when permission and ownership of root directory does not match with expected 3249 // permissions on the volume. This can help shorten the time it takes to change 3250 // ownership and permissions of a volume. 3251 FSGroupChangeOnRootMismatch PodFSGroupChangePolicy = "OnRootMismatch" 3252 // FSGroupChangeAlways indicates that volume's ownership and permissions 3253 // should always be changed whenever volume is mounted inside a Pod. This the default 3254 // behavior. 3255 FSGroupChangeAlways PodFSGroupChangePolicy = "Always" 3256) 3257 3258// PodSecurityContext holds pod-level security attributes and common container settings. 3259// Some fields are also present in container.securityContext. Field values of 3260// container.securityContext take precedence over field values of PodSecurityContext. 3261type PodSecurityContext struct { 3262 // The SELinux context to be applied to all containers. 3263 // If unspecified, the container runtime will allocate a random SELinux context for each 3264 // container. May also be set in SecurityContext. If set in 3265 // both SecurityContext and PodSecurityContext, the value specified in SecurityContext 3266 // takes precedence for that container. 3267 // +optional 3268 SELinuxOptions *SELinuxOptions `json:"seLinuxOptions,omitempty" protobuf:"bytes,1,opt,name=seLinuxOptions"` 3269 // The Windows specific settings applied to all containers. 3270 // If unspecified, the options within a container's SecurityContext will be used. 3271 // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 3272 // +optional 3273 WindowsOptions *WindowsSecurityContextOptions `json:"windowsOptions,omitempty" protobuf:"bytes,8,opt,name=windowsOptions"` 3274 // The UID to run the entrypoint of the container process. 3275 // Defaults to user specified in image metadata if unspecified. 3276 // May also be set in SecurityContext. If set in both SecurityContext and 3277 // PodSecurityContext, the value specified in SecurityContext takes precedence 3278 // for that container. 3279 // +optional 3280 RunAsUser *int64 `json:"runAsUser,omitempty" protobuf:"varint,2,opt,name=runAsUser"` 3281 // The GID to run the entrypoint of the container process. 3282 // Uses runtime default if unset. 3283 // May also be set in SecurityContext. If set in both SecurityContext and 3284 // PodSecurityContext, the value specified in SecurityContext takes precedence 3285 // for that container. 3286 // +optional 3287 RunAsGroup *int64 `json:"runAsGroup,omitempty" protobuf:"varint,6,opt,name=runAsGroup"` 3288 // Indicates that the container must run as a non-root user. 3289 // If true, the Kubelet will validate the image at runtime to ensure that it 3290 // does not run as UID 0 (root) and fail to start the container if it does. 3291 // If unset or false, no such validation will be performed. 3292 // May also be set in SecurityContext. If set in both SecurityContext and 3293 // PodSecurityContext, the value specified in SecurityContext takes precedence. 3294 // +optional 3295 RunAsNonRoot *bool `json:"runAsNonRoot,omitempty" protobuf:"varint,3,opt,name=runAsNonRoot"` 3296 // A list of groups applied to the first process run in each container, in addition 3297 // to the container's primary GID. If unspecified, no groups will be added to 3298 // any container. 3299 // +optional 3300 SupplementalGroups []int64 `json:"supplementalGroups,omitempty" protobuf:"varint,4,rep,name=supplementalGroups"` 3301 // A special supplemental group that applies to all containers in a pod. 3302 // Some volume types allow the Kubelet to change the ownership of that volume 3303 // to be owned by the pod: 3304 // 3305 // 1. The owning GID will be the FSGroup 3306 // 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3307 // 3. The permission bits are OR'd with rw-rw---- 3308 // 3309 // If unset, the Kubelet will not modify the ownership and permissions of any volume. 3310 // +optional 3311 FSGroup *int64 `json:"fsGroup,omitempty" protobuf:"varint,5,opt,name=fsGroup"` 3312 // Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported 3313 // sysctls (by the container runtime) might fail to launch. 3314 // +optional 3315 Sysctls []Sysctl `json:"sysctls,omitempty" protobuf:"bytes,7,rep,name=sysctls"` 3316 // fsGroupChangePolicy defines behavior of changing ownership and permission of the volume 3317 // before being exposed inside Pod. This field will only apply to 3318 // volume types which support fsGroup based ownership(and permissions). 3319 // It will have no effect on ephemeral volume types such as: secret, configmaps 3320 // and emptydir. 3321 // Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. 3322 // +optional 3323 FSGroupChangePolicy *PodFSGroupChangePolicy `json:"fsGroupChangePolicy,omitempty" protobuf:"bytes,9,opt,name=fsGroupChangePolicy"` 3324 // The seccomp options to use by the containers in this pod. 3325 // +optional 3326 SeccompProfile *SeccompProfile `json:"seccompProfile,omitempty" protobuf:"bytes,10,opt,name=seccompProfile"` 3327} 3328 3329// SeccompProfile defines a pod/container's seccomp profile settings. 3330// Only one profile source may be set. 3331// +union 3332type SeccompProfile struct { 3333 // type indicates which kind of seccomp profile will be applied. 3334 // Valid options are: 3335 // 3336 // Localhost - a profile defined in a file on the node should be used. 3337 // RuntimeDefault - the container runtime default profile should be used. 3338 // Unconfined - no profile should be applied. 3339 // +unionDiscriminator 3340 Type SeccompProfileType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=SeccompProfileType"` 3341 // localhostProfile indicates a profile defined in a file on the node should be used. 3342 // The profile must be preconfigured on the node to work. 3343 // Must be a descending path, relative to the kubelet's configured seccomp profile location. 3344 // Must only be set if type is "Localhost". 3345 // +optional 3346 LocalhostProfile *string `json:"localhostProfile,omitempty" protobuf:"bytes,2,opt,name=localhostProfile"` 3347} 3348 3349// SeccompProfileType defines the supported seccomp profile types. 3350type SeccompProfileType string 3351 3352const ( 3353 // SeccompProfileTypeUnconfined indicates no seccomp profile is applied (A.K.A. unconfined). 3354 SeccompProfileTypeUnconfined SeccompProfileType = "Unconfined" 3355 // SeccompProfileTypeRuntimeDefault represents the default container runtime seccomp profile. 3356 SeccompProfileTypeRuntimeDefault SeccompProfileType = "RuntimeDefault" 3357 // SeccompProfileTypeLocalhost indicates a profile defined in a file on the node should be used. 3358 // The file's location is based off the kubelet's deprecated flag --seccomp-profile-root. 3359 // Once the flag support is removed the location will be <kubelet-root-dir>/seccomp. 3360 SeccompProfileTypeLocalhost SeccompProfileType = "Localhost" 3361) 3362 3363// PodQOSClass defines the supported qos classes of Pods. 3364type PodQOSClass string 3365 3366const ( 3367 // PodQOSGuaranteed is the Guaranteed qos class. 3368 PodQOSGuaranteed PodQOSClass = "Guaranteed" 3369 // PodQOSBurstable is the Burstable qos class. 3370 PodQOSBurstable PodQOSClass = "Burstable" 3371 // PodQOSBestEffort is the BestEffort qos class. 3372 PodQOSBestEffort PodQOSClass = "BestEffort" 3373) 3374 3375// PodDNSConfig defines the DNS parameters of a pod in addition to 3376// those generated from DNSPolicy. 3377type PodDNSConfig struct { 3378 // A list of DNS name server IP addresses. 3379 // This will be appended to the base nameservers generated from DNSPolicy. 3380 // Duplicated nameservers will be removed. 3381 // +optional 3382 Nameservers []string `json:"nameservers,omitempty" protobuf:"bytes,1,rep,name=nameservers"` 3383 // A list of DNS search domains for host-name lookup. 3384 // This will be appended to the base search paths generated from DNSPolicy. 3385 // Duplicated search paths will be removed. 3386 // +optional 3387 Searches []string `json:"searches,omitempty" protobuf:"bytes,2,rep,name=searches"` 3388 // A list of DNS resolver options. 3389 // This will be merged with the base options generated from DNSPolicy. 3390 // Duplicated entries will be removed. Resolution options given in Options 3391 // will override those that appear in the base DNSPolicy. 3392 // +optional 3393 Options []PodDNSConfigOption `json:"options,omitempty" protobuf:"bytes,3,rep,name=options"` 3394} 3395 3396// PodDNSConfigOption defines DNS resolver options of a pod. 3397type PodDNSConfigOption struct { 3398 // Required. 3399 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 3400 // +optional 3401 Value *string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"` 3402} 3403 3404// IP address information for entries in the (plural) PodIPs field. 3405// Each entry includes: 3406// IP: An IP address allocated to the pod. Routable at least within the cluster. 3407type PodIP struct { 3408 // ip is an IP address (IPv4 or IPv6) assigned to the pod 3409 IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"` 3410} 3411 3412// EphemeralContainerCommon is a copy of all fields in Container to be inlined in 3413// EphemeralContainer. This separate type allows easy conversion from EphemeralContainer 3414// to Container and allows separate documentation for the fields of EphemeralContainer. 3415// When a new field is added to Container it must be added here as well. 3416type EphemeralContainerCommon struct { 3417 // Name of the ephemeral container specified as a DNS_LABEL. 3418 // This name must be unique among all containers, init containers and ephemeral containers. 3419 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 3420 // Docker image name. 3421 // More info: https://kubernetes.io/docs/concepts/containers/images 3422 Image string `json:"image,omitempty" protobuf:"bytes,2,opt,name=image"` 3423 // Entrypoint array. Not executed within a shell. 3424 // The docker image's ENTRYPOINT is used if this is not provided. 3425 // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable 3426 // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax 3427 // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, 3428 // regardless of whether the variable exists or not. 3429 // Cannot be updated. 3430 // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 3431 // +optional 3432 Command []string `json:"command,omitempty" protobuf:"bytes,3,rep,name=command"` 3433 // Arguments to the entrypoint. 3434 // The docker image's CMD is used if this is not provided. 3435 // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable 3436 // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax 3437 // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, 3438 // regardless of whether the variable exists or not. 3439 // Cannot be updated. 3440 // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 3441 // +optional 3442 Args []string `json:"args,omitempty" protobuf:"bytes,4,rep,name=args"` 3443 // Container's working directory. 3444 // If not specified, the container runtime's default will be used, which 3445 // might be configured in the container image. 3446 // Cannot be updated. 3447 // +optional 3448 WorkingDir string `json:"workingDir,omitempty" protobuf:"bytes,5,opt,name=workingDir"` 3449 // Ports are not allowed for ephemeral containers. 3450 Ports []ContainerPort `json:"ports,omitempty" protobuf:"bytes,6,rep,name=ports"` 3451 // List of sources to populate environment variables in the container. 3452 // The keys defined within a source must be a C_IDENTIFIER. All invalid keys 3453 // will be reported as an event when the container is starting. When a key exists in multiple 3454 // sources, the value associated with the last source will take precedence. 3455 // Values defined by an Env with a duplicate key will take precedence. 3456 // Cannot be updated. 3457 // +optional 3458 EnvFrom []EnvFromSource `json:"envFrom,omitempty" protobuf:"bytes,19,rep,name=envFrom"` 3459 // List of environment variables to set in the container. 3460 // Cannot be updated. 3461 // +optional 3462 // +patchMergeKey=name 3463 // +patchStrategy=merge 3464 Env []EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"` 3465 // Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources 3466 // already allocated to the pod. 3467 // +optional 3468 Resources ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,8,opt,name=resources"` 3469 // Pod volumes to mount into the container's filesystem. 3470 // Cannot be updated. 3471 // +optional 3472 // +patchMergeKey=mountPath 3473 // +patchStrategy=merge 3474 VolumeMounts []VolumeMount `json:"volumeMounts,omitempty" patchStrategy:"merge" patchMergeKey:"mountPath" protobuf:"bytes,9,rep,name=volumeMounts"` 3475 // volumeDevices is the list of block devices to be used by the container. 3476 // +patchMergeKey=devicePath 3477 // +patchStrategy=merge 3478 // +optional 3479 VolumeDevices []VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"` 3480 // Probes are not allowed for ephemeral containers. 3481 // +optional 3482 LivenessProbe *Probe `json:"livenessProbe,omitempty" protobuf:"bytes,10,opt,name=livenessProbe"` 3483 // Probes are not allowed for ephemeral containers. 3484 // +optional 3485 ReadinessProbe *Probe `json:"readinessProbe,omitempty" protobuf:"bytes,11,opt,name=readinessProbe"` 3486 // Probes are not allowed for ephemeral containers. 3487 // +optional 3488 StartupProbe *Probe `json:"startupProbe,omitempty" protobuf:"bytes,22,opt,name=startupProbe"` 3489 // Lifecycle is not allowed for ephemeral containers. 3490 // +optional 3491 Lifecycle *Lifecycle `json:"lifecycle,omitempty" protobuf:"bytes,12,opt,name=lifecycle"` 3492 // Optional: Path at which the file to which the container's termination message 3493 // will be written is mounted into the container's filesystem. 3494 // Message written is intended to be brief final status, such as an assertion failure message. 3495 // Will be truncated by the node if greater than 4096 bytes. The total message length across 3496 // all containers will be limited to 12kb. 3497 // Defaults to /dev/termination-log. 3498 // Cannot be updated. 3499 // +optional 3500 TerminationMessagePath string `json:"terminationMessagePath,omitempty" protobuf:"bytes,13,opt,name=terminationMessagePath"` 3501 // Indicate how the termination message should be populated. File will use the contents of 3502 // terminationMessagePath to populate the container status message on both success and failure. 3503 // FallbackToLogsOnError will use the last chunk of container log output if the termination 3504 // message file is empty and the container exited with an error. 3505 // The log output is limited to 2048 bytes or 80 lines, whichever is smaller. 3506 // Defaults to File. 3507 // Cannot be updated. 3508 // +optional 3509 TerminationMessagePolicy TerminationMessagePolicy `json:"terminationMessagePolicy,omitempty" protobuf:"bytes,20,opt,name=terminationMessagePolicy,casttype=TerminationMessagePolicy"` 3510 // Image pull policy. 3511 // One of Always, Never, IfNotPresent. 3512 // Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. 3513 // Cannot be updated. 3514 // More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 3515 // +optional 3516 ImagePullPolicy PullPolicy `json:"imagePullPolicy,omitempty" protobuf:"bytes,14,opt,name=imagePullPolicy,casttype=PullPolicy"` 3517 // SecurityContext is not allowed for ephemeral containers. 3518 // +optional 3519 SecurityContext *SecurityContext `json:"securityContext,omitempty" protobuf:"bytes,15,opt,name=securityContext"` 3520 3521 // Variables for interactive containers, these have very specialized use-cases (e.g. debugging) 3522 // and shouldn't be used for general purpose containers. 3523 3524 // Whether this container should allocate a buffer for stdin in the container runtime. If this 3525 // is not set, reads from stdin in the container will always result in EOF. 3526 // Default is false. 3527 // +optional 3528 Stdin bool `json:"stdin,omitempty" protobuf:"varint,16,opt,name=stdin"` 3529 // Whether the container runtime should close the stdin channel after it has been opened by 3530 // a single attach. When stdin is true the stdin stream will remain open across multiple attach 3531 // sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the 3532 // first client attaches to stdin, and then remains open and accepts data until the client disconnects, 3533 // at which time stdin is closed and remains closed until the container is restarted. If this 3534 // flag is false, a container processes that reads from stdin will never receive an EOF. 3535 // Default is false 3536 // +optional 3537 StdinOnce bool `json:"stdinOnce,omitempty" protobuf:"varint,17,opt,name=stdinOnce"` 3538 // Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. 3539 // Default is false. 3540 // +optional 3541 TTY bool `json:"tty,omitempty" protobuf:"varint,18,opt,name=tty"` 3542} 3543 3544// EphemeralContainerCommon converts to Container. All fields must be kept in sync between 3545// these two types. 3546var _ = Container(EphemeralContainerCommon{}) 3547 3548// An EphemeralContainer is a container that may be added temporarily to an existing pod for 3549// user-initiated activities such as debugging. Ephemeral containers have no resource or 3550// scheduling guarantees, and they will not be restarted when they exit or when a pod is 3551// removed or restarted. If an ephemeral container causes a pod to exceed its resource 3552// allocation, the pod may be evicted. 3553// Ephemeral containers may not be added by directly updating the pod spec. They must be added 3554// via the pod's ephemeralcontainers subresource, and they will appear in the pod spec 3555// once added. 3556// This is an alpha feature enabled by the EphemeralContainers feature flag. 3557type EphemeralContainer struct { 3558 // Ephemeral containers have all of the fields of Container, plus additional fields 3559 // specific to ephemeral containers. Fields in common with Container are in the 3560 // following inlined struct so than an EphemeralContainer may easily be converted 3561 // to a Container. 3562 EphemeralContainerCommon `json:",inline" protobuf:"bytes,1,req"` 3563 3564 // If set, the name of the container from PodSpec that this ephemeral container targets. 3565 // The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. 3566 // If not set then the ephemeral container is run in whatever namespaces are shared 3567 // for the pod. Note that the container runtime must support this feature. 3568 // +optional 3569 TargetContainerName string `json:"targetContainerName,omitempty" protobuf:"bytes,2,opt,name=targetContainerName"` 3570} 3571 3572// PodStatus represents information about the status of a pod. Status may trail the actual 3573// state of a system, especially if the node that hosts the pod cannot contact the control 3574// plane. 3575type PodStatus struct { 3576 // The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. 3577 // The conditions array, the reason and message fields, and the individual container status 3578 // arrays contain more detail about the pod's status. 3579 // There are five possible phase values: 3580 // 3581 // Pending: The pod has been accepted by the Kubernetes system, but one or more of the 3582 // container images has not been created. This includes time before being scheduled as 3583 // well as time spent downloading images over the network, which could take a while. 3584 // Running: The pod has been bound to a node, and all of the containers have been created. 3585 // At least one container is still running, or is in the process of starting or restarting. 3586 // Succeeded: All containers in the pod have terminated in success, and will not be restarted. 3587 // Failed: All containers in the pod have terminated, and at least one container has 3588 // terminated in failure. The container either exited with non-zero status or was terminated 3589 // by the system. 3590 // Unknown: For some reason the state of the pod could not be obtained, typically due to an 3591 // error in communicating with the host of the pod. 3592 // 3593 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase 3594 // +optional 3595 Phase PodPhase `json:"phase,omitempty" protobuf:"bytes,1,opt,name=phase,casttype=PodPhase"` 3596 // Current service state of pod. 3597 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions 3598 // +optional 3599 // +patchMergeKey=type 3600 // +patchStrategy=merge 3601 Conditions []PodCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"` 3602 // A human readable message indicating details about why the pod is in this condition. 3603 // +optional 3604 Message string `json:"message,omitempty" protobuf:"bytes,3,opt,name=message"` 3605 // A brief CamelCase message indicating details about why the pod is in this state. 3606 // e.g. 'Evicted' 3607 // +optional 3608 Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"` 3609 // nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be 3610 // scheduled right away as preemption victims receive their graceful termination periods. 3611 // This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide 3612 // to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to 3613 // give the resources on this node to a higher priority pod that is created after preemption. 3614 // As a result, this field may be different than PodSpec.nodeName when the pod is 3615 // scheduled. 3616 // +optional 3617 NominatedNodeName string `json:"nominatedNodeName,omitempty" protobuf:"bytes,11,opt,name=nominatedNodeName"` 3618 3619 // IP address of the host to which the pod is assigned. Empty if not yet scheduled. 3620 // +optional 3621 HostIP string `json:"hostIP,omitempty" protobuf:"bytes,5,opt,name=hostIP"` 3622 // IP address allocated to the pod. Routable at least within the cluster. 3623 // Empty if not yet allocated. 3624 // +optional 3625 PodIP string `json:"podIP,omitempty" protobuf:"bytes,6,opt,name=podIP"` 3626 3627 // podIPs holds the IP addresses allocated to the pod. If this field is specified, the 0th entry must 3628 // match the podIP field. Pods may be allocated at most 1 value for each of IPv4 and IPv6. This list 3629 // is empty if no IPs have been allocated yet. 3630 // +optional 3631 // +patchStrategy=merge 3632 // +patchMergeKey=ip 3633 PodIPs []PodIP `json:"podIPs,omitempty" protobuf:"bytes,12,rep,name=podIPs" patchStrategy:"merge" patchMergeKey:"ip"` 3634 3635 // RFC 3339 date and time at which the object was acknowledged by the Kubelet. 3636 // This is before the Kubelet pulled the container image(s) for the pod. 3637 // +optional 3638 StartTime *metav1.Time `json:"startTime,omitempty" protobuf:"bytes,7,opt,name=startTime"` 3639 3640 // The list has one entry per init container in the manifest. The most recent successful 3641 // init container will have ready = true, the most recently started container will have 3642 // startTime set. 3643 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status 3644 InitContainerStatuses []ContainerStatus `json:"initContainerStatuses,omitempty" protobuf:"bytes,10,rep,name=initContainerStatuses"` 3645 3646 // The list has one entry per container in the manifest. Each entry is currently the output 3647 // of `docker inspect`. 3648 // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status 3649 // +optional 3650 ContainerStatuses []ContainerStatus `json:"containerStatuses,omitempty" protobuf:"bytes,8,rep,name=containerStatuses"` 3651 // The Quality of Service (QOS) classification assigned to the pod based on resource requirements 3652 // See PodQOSClass type for available QOS classes 3653 // More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md 3654 // +optional 3655 QOSClass PodQOSClass `json:"qosClass,omitempty" protobuf:"bytes,9,rep,name=qosClass"` 3656 // Status for any ephemeral containers that have run in this pod. 3657 // This field is alpha-level and is only populated by servers that enable the EphemeralContainers feature. 3658 // +optional 3659 EphemeralContainerStatuses []ContainerStatus `json:"ephemeralContainerStatuses,omitempty" protobuf:"bytes,13,rep,name=ephemeralContainerStatuses"` 3660} 3661 3662// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3663 3664// PodStatusResult is a wrapper for PodStatus returned by kubelet that can be encode/decoded 3665type PodStatusResult struct { 3666 metav1.TypeMeta `json:",inline"` 3667 // Standard object's metadata. 3668 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3669 // +optional 3670 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3671 // Most recently observed status of the pod. 3672 // This data may not be up to date. 3673 // Populated by the system. 3674 // Read-only. 3675 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3676 // +optional 3677 Status PodStatus `json:"status,omitempty" protobuf:"bytes,2,opt,name=status"` 3678} 3679 3680// +genclient 3681// +genclient:method=GetEphemeralContainers,verb=get,subresource=ephemeralcontainers,result=EphemeralContainers 3682// +genclient:method=UpdateEphemeralContainers,verb=update,subresource=ephemeralcontainers,input=EphemeralContainers,result=EphemeralContainers 3683// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3684 3685// Pod is a collection of containers that can run on a host. This resource is created 3686// by clients and scheduled onto hosts. 3687type Pod struct { 3688 metav1.TypeMeta `json:",inline"` 3689 // Standard object's metadata. 3690 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3691 // +optional 3692 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3693 3694 // Specification of the desired behavior of the pod. 3695 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3696 // +optional 3697 Spec PodSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 3698 3699 // Most recently observed status of the pod. 3700 // This data may not be up to date. 3701 // Populated by the system. 3702 // Read-only. 3703 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3704 // +optional 3705 Status PodStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 3706} 3707 3708// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3709 3710// PodList is a list of Pods. 3711type PodList struct { 3712 metav1.TypeMeta `json:",inline"` 3713 // Standard list metadata. 3714 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3715 // +optional 3716 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3717 3718 // List of pods. 3719 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md 3720 Items []Pod `json:"items" protobuf:"bytes,2,rep,name=items"` 3721} 3722 3723// PodTemplateSpec describes the data a pod should have when created from a template 3724type PodTemplateSpec struct { 3725 // Standard object's metadata. 3726 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3727 // +optional 3728 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3729 3730 // Specification of the desired behavior of the pod. 3731 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3732 // +optional 3733 Spec PodSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 3734} 3735 3736// +genclient 3737// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3738 3739// PodTemplate describes a template for creating copies of a predefined pod. 3740type PodTemplate struct { 3741 metav1.TypeMeta `json:",inline"` 3742 // Standard object's metadata. 3743 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3744 // +optional 3745 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3746 3747 // Template defines the pods that will be created from this pod template. 3748 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3749 // +optional 3750 Template PodTemplateSpec `json:"template,omitempty" protobuf:"bytes,2,opt,name=template"` 3751} 3752 3753// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3754 3755// PodTemplateList is a list of PodTemplates. 3756type PodTemplateList struct { 3757 metav1.TypeMeta `json:",inline"` 3758 // Standard list metadata. 3759 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3760 // +optional 3761 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3762 3763 // List of pod templates 3764 Items []PodTemplate `json:"items" protobuf:"bytes,2,rep,name=items"` 3765} 3766 3767// ReplicationControllerSpec is the specification of a replication controller. 3768type ReplicationControllerSpec struct { 3769 // Replicas is the number of desired replicas. 3770 // This is a pointer to distinguish between explicit zero and unspecified. 3771 // Defaults to 1. 3772 // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller 3773 // +optional 3774 Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"` 3775 3776 // Minimum number of seconds for which a newly created pod should be ready 3777 // without any of its container crashing, for it to be considered available. 3778 // Defaults to 0 (pod will be considered available as soon as it is ready) 3779 // +optional 3780 MinReadySeconds int32 `json:"minReadySeconds,omitempty" protobuf:"varint,4,opt,name=minReadySeconds"` 3781 3782 // Selector is a label query over pods that should match the Replicas count. 3783 // If Selector is empty, it is defaulted to the labels present on the Pod template. 3784 // Label keys and values that must match in order to be controlled by this replication 3785 // controller, if empty defaulted to labels on Pod template. 3786 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors 3787 // +optional 3788 Selector map[string]string `json:"selector,omitempty" protobuf:"bytes,2,rep,name=selector"` 3789 3790 // TemplateRef is a reference to an object that describes the pod that will be created if 3791 // insufficient replicas are detected. 3792 // Reference to an object that describes the pod that will be created if insufficient replicas are detected. 3793 // +optional 3794 // TemplateRef *ObjectReference `json:"templateRef,omitempty"` 3795 3796 // Template is the object that describes the pod that will be created if 3797 // insufficient replicas are detected. This takes precedence over a TemplateRef. 3798 // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template 3799 // +optional 3800 Template *PodTemplateSpec `json:"template,omitempty" protobuf:"bytes,3,opt,name=template"` 3801} 3802 3803// ReplicationControllerStatus represents the current status of a replication 3804// controller. 3805type ReplicationControllerStatus struct { 3806 // Replicas is the most recently oberved number of replicas. 3807 // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller 3808 Replicas int32 `json:"replicas" protobuf:"varint,1,opt,name=replicas"` 3809 3810 // The number of pods that have labels matching the labels of the pod template of the replication controller. 3811 // +optional 3812 FullyLabeledReplicas int32 `json:"fullyLabeledReplicas,omitempty" protobuf:"varint,2,opt,name=fullyLabeledReplicas"` 3813 3814 // The number of ready replicas for this replication controller. 3815 // +optional 3816 ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,4,opt,name=readyReplicas"` 3817 3818 // The number of available replicas (ready for at least minReadySeconds) for this replication controller. 3819 // +optional 3820 AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,5,opt,name=availableReplicas"` 3821 3822 // ObservedGeneration reflects the generation of the most recently observed replication controller. 3823 // +optional 3824 ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,3,opt,name=observedGeneration"` 3825 3826 // Represents the latest available observations of a replication controller's current state. 3827 // +optional 3828 // +patchMergeKey=type 3829 // +patchStrategy=merge 3830 Conditions []ReplicationControllerCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"` 3831} 3832 3833type ReplicationControllerConditionType string 3834 3835// These are valid conditions of a replication controller. 3836const ( 3837 // ReplicationControllerReplicaFailure is added in a replication controller when one of its pods 3838 // fails to be created due to insufficient quota, limit ranges, pod security policy, node selectors, 3839 // etc. or deleted due to kubelet being down or finalizers are failing. 3840 ReplicationControllerReplicaFailure ReplicationControllerConditionType = "ReplicaFailure" 3841) 3842 3843// ReplicationControllerCondition describes the state of a replication controller at a certain point. 3844type ReplicationControllerCondition struct { 3845 // Type of replication controller condition. 3846 Type ReplicationControllerConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=ReplicationControllerConditionType"` 3847 // Status of the condition, one of True, False, Unknown. 3848 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 3849 // The last time the condition transitioned from one status to another. 3850 // +optional 3851 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"` 3852 // The reason for the condition's last transition. 3853 // +optional 3854 Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"` 3855 // A human readable message indicating details about the transition. 3856 // +optional 3857 Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"` 3858} 3859 3860// +genclient 3861// +genclient:method=GetScale,verb=get,subresource=scale,result=k8s.io/api/autoscaling/v1.Scale 3862// +genclient:method=UpdateScale,verb=update,subresource=scale,input=k8s.io/api/autoscaling/v1.Scale,result=k8s.io/api/autoscaling/v1.Scale 3863// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3864 3865// ReplicationController represents the configuration of a replication controller. 3866type ReplicationController struct { 3867 metav1.TypeMeta `json:",inline"` 3868 3869 // If the Labels of a ReplicationController are empty, they are defaulted to 3870 // be the same as the Pod(s) that the replication controller manages. 3871 // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 3872 // +optional 3873 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3874 3875 // Spec defines the specification of the desired behavior of the replication controller. 3876 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3877 // +optional 3878 Spec ReplicationControllerSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 3879 3880 // Status is the most recently observed status of the replication controller. 3881 // This data may be out of date by some window of time. 3882 // Populated by the system. 3883 // Read-only. 3884 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 3885 // +optional 3886 Status ReplicationControllerStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 3887} 3888 3889// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 3890 3891// ReplicationControllerList is a collection of replication controllers. 3892type ReplicationControllerList struct { 3893 metav1.TypeMeta `json:",inline"` 3894 // Standard list metadata. 3895 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3896 // +optional 3897 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 3898 3899 // List of replication controllers. 3900 // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller 3901 Items []ReplicationController `json:"items" protobuf:"bytes,2,rep,name=items"` 3902} 3903 3904// Session Affinity Type string 3905type ServiceAffinity string 3906 3907const ( 3908 // ServiceAffinityClientIP is the Client IP based. 3909 ServiceAffinityClientIP ServiceAffinity = "ClientIP" 3910 3911 // ServiceAffinityNone - no session affinity. 3912 ServiceAffinityNone ServiceAffinity = "None" 3913) 3914 3915const DefaultClientIPServiceAffinitySeconds int32 = 10800 3916 3917// SessionAffinityConfig represents the configurations of session affinity. 3918type SessionAffinityConfig struct { 3919 // clientIP contains the configurations of Client IP based session affinity. 3920 // +optional 3921 ClientIP *ClientIPConfig `json:"clientIP,omitempty" protobuf:"bytes,1,opt,name=clientIP"` 3922} 3923 3924// ClientIPConfig represents the configurations of Client IP based session affinity. 3925type ClientIPConfig struct { 3926 // timeoutSeconds specifies the seconds of ClientIP type session sticky time. 3927 // The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". 3928 // Default value is 10800(for 3 hours). 3929 // +optional 3930 TimeoutSeconds *int32 `json:"timeoutSeconds,omitempty" protobuf:"varint,1,opt,name=timeoutSeconds"` 3931} 3932 3933// Service Type string describes ingress methods for a service 3934type ServiceType string 3935 3936const ( 3937 // ServiceTypeClusterIP means a service will only be accessible inside the 3938 // cluster, via the cluster IP. 3939 ServiceTypeClusterIP ServiceType = "ClusterIP" 3940 3941 // ServiceTypeNodePort means a service will be exposed on one port of 3942 // every node, in addition to 'ClusterIP' type. 3943 ServiceTypeNodePort ServiceType = "NodePort" 3944 3945 // ServiceTypeLoadBalancer means a service will be exposed via an 3946 // external load balancer (if the cloud provider supports it), in addition 3947 // to 'NodePort' type. 3948 ServiceTypeLoadBalancer ServiceType = "LoadBalancer" 3949 3950 // ServiceTypeExternalName means a service consists of only a reference to 3951 // an external name that kubedns or equivalent will return as a CNAME 3952 // record, with no exposing or proxying of any pods involved. 3953 ServiceTypeExternalName ServiceType = "ExternalName" 3954) 3955 3956// ServiceInternalTrafficPolicyType describes the type of traffic routing for 3957// internal traffic 3958type ServiceInternalTrafficPolicyType string 3959 3960const ( 3961 // ServiceInternalTrafficPolicyCluster routes traffic to all endpoints 3962 ServiceInternalTrafficPolicyCluster ServiceInternalTrafficPolicyType = "Cluster" 3963 3964 // ServiceInternalTrafficPolicyLocal only routes to node-local 3965 // endpoints, otherwise drops the traffic 3966 ServiceInternalTrafficPolicyLocal ServiceInternalTrafficPolicyType = "Local" 3967) 3968 3969// Service External Traffic Policy Type string 3970type ServiceExternalTrafficPolicyType string 3971 3972const ( 3973 // ServiceExternalTrafficPolicyTypeLocal specifies node-local endpoints behavior. 3974 ServiceExternalTrafficPolicyTypeLocal ServiceExternalTrafficPolicyType = "Local" 3975 // ServiceExternalTrafficPolicyTypeCluster specifies node-global (legacy) behavior. 3976 ServiceExternalTrafficPolicyTypeCluster ServiceExternalTrafficPolicyType = "Cluster" 3977) 3978 3979// These are the valid conditions of a service. 3980const ( 3981 // LoadBalancerPortsError represents the condition of the requested ports 3982 // on the cloud load balancer instance. 3983 LoadBalancerPortsError = "LoadBalancerPortsError" 3984) 3985 3986// ServiceStatus represents the current status of a service. 3987type ServiceStatus struct { 3988 // LoadBalancer contains the current status of the load-balancer, 3989 // if one is present. 3990 // +optional 3991 LoadBalancer LoadBalancerStatus `json:"loadBalancer,omitempty" protobuf:"bytes,1,opt,name=loadBalancer"` 3992 // Current service state 3993 // +optional 3994 // +patchMergeKey=type 3995 // +patchStrategy=merge 3996 // +listType=map 3997 // +listMapKey=type 3998 Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"` 3999} 4000 4001// LoadBalancerStatus represents the status of a load-balancer. 4002type LoadBalancerStatus struct { 4003 // Ingress is a list containing ingress points for the load-balancer. 4004 // Traffic intended for the service should be sent to these ingress points. 4005 // +optional 4006 Ingress []LoadBalancerIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"` 4007} 4008 4009// LoadBalancerIngress represents the status of a load-balancer ingress point: 4010// traffic intended for the service should be sent to an ingress point. 4011type LoadBalancerIngress struct { 4012 // IP is set for load-balancer ingress points that are IP based 4013 // (typically GCE or OpenStack load-balancers) 4014 // +optional 4015 IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"` 4016 4017 // Hostname is set for load-balancer ingress points that are DNS based 4018 // (typically AWS load-balancers) 4019 // +optional 4020 Hostname string `json:"hostname,omitempty" protobuf:"bytes,2,opt,name=hostname"` 4021 4022 // Ports is a list of records of service ports 4023 // If used, every port defined in the service should have an entry in it 4024 // +listType=atomic 4025 // +optional 4026 Ports []PortStatus `json:"ports,omitempty" protobuf:"bytes,4,rep,name=ports"` 4027} 4028 4029const ( 4030 // MaxServiceTopologyKeys is the largest number of topology keys allowed on a service 4031 MaxServiceTopologyKeys = 16 4032) 4033 4034// IPFamily represents the IP Family (IPv4 or IPv6). This type is used 4035// to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies). 4036type IPFamily string 4037 4038const ( 4039 // IPv4Protocol indicates that this IP is IPv4 protocol 4040 IPv4Protocol IPFamily = "IPv4" 4041 // IPv6Protocol indicates that this IP is IPv6 protocol 4042 IPv6Protocol IPFamily = "IPv6" 4043) 4044 4045// IPFamilyPolicyType represents the dual-stack-ness requested or required by a Service 4046type IPFamilyPolicyType string 4047 4048const ( 4049 // IPFamilyPolicySingleStack indicates that this service is required to have a single IPFamily. 4050 // The IPFamily assigned is based on the default IPFamily used by the cluster 4051 // or as identified by service.spec.ipFamilies field 4052 IPFamilyPolicySingleStack IPFamilyPolicyType = "SingleStack" 4053 // IPFamilyPolicyPreferDualStack indicates that this service prefers dual-stack when 4054 // the cluster is configured for dual-stack. If the cluster is not configured 4055 // for dual-stack the service will be assigned a single IPFamily. If the IPFamily is not 4056 // set in service.spec.ipFamilies then the service will be assigned the default IPFamily 4057 // configured on the cluster 4058 IPFamilyPolicyPreferDualStack IPFamilyPolicyType = "PreferDualStack" 4059 // IPFamilyPolicyRequireDualStack indicates that this service requires dual-stack. Using 4060 // IPFamilyPolicyRequireDualStack on a single stack cluster will result in validation errors. The 4061 // IPFamilies (and their order) assigned to this service is based on service.spec.ipFamilies. If 4062 // service.spec.ipFamilies was not provided then it will be assigned according to how they are 4063 // configured on the cluster. If service.spec.ipFamilies has only one entry then the alternative 4064 // IPFamily will be added by apiserver 4065 IPFamilyPolicyRequireDualStack IPFamilyPolicyType = "RequireDualStack" 4066) 4067 4068// ServiceSpec describes the attributes that a user creates on a service. 4069type ServiceSpec struct { 4070 // The list of ports that are exposed by this service. 4071 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies 4072 // +patchMergeKey=port 4073 // +patchStrategy=merge 4074 // +listType=map 4075 // +listMapKey=port 4076 // +listMapKey=protocol 4077 Ports []ServicePort `json:"ports,omitempty" patchStrategy:"merge" patchMergeKey:"port" protobuf:"bytes,1,rep,name=ports"` 4078 4079 // Route service traffic to pods with label keys and values matching this 4080 // selector. If empty or not present, the service is assumed to have an 4081 // external process managing its endpoints, which Kubernetes will not 4082 // modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. 4083 // Ignored if type is ExternalName. 4084 // More info: https://kubernetes.io/docs/concepts/services-networking/service/ 4085 // +optional 4086 Selector map[string]string `json:"selector,omitempty" protobuf:"bytes,2,rep,name=selector"` 4087 4088 // clusterIP is the IP address of the service and is usually assigned 4089 // randomly. If an address is specified manually, is in-range (as per 4090 // system configuration), and is not in use, it will be allocated to the 4091 // service; otherwise creation of the service will fail. This field may not 4092 // be changed through updates unless the type field is also being changed 4093 // to ExternalName (which requires this field to be blank) or the type 4094 // field is being changed from ExternalName (in which case this field may 4095 // optionally be specified, as describe above). Valid values are "None", 4096 // empty string (""), or a valid IP address. Setting this to "None" makes a 4097 // "headless service" (no virtual IP), which is useful when direct endpoint 4098 // connections are preferred and proxying is not required. Only applies to 4099 // types ClusterIP, NodePort, and LoadBalancer. If this field is specified 4100 // when creating a Service of type ExternalName, creation will fail. This 4101 // field will be wiped when updating a Service to type ExternalName. 4102 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies 4103 // +optional 4104 ClusterIP string `json:"clusterIP,omitempty" protobuf:"bytes,3,opt,name=clusterIP"` 4105 4106 // ClusterIPs is a list of IP addresses assigned to this service, and are 4107 // usually assigned randomly. If an address is specified manually, is 4108 // in-range (as per system configuration), and is not in use, it will be 4109 // allocated to the service; otherwise creation of the service will fail. 4110 // This field may not be changed through updates unless the type field is 4111 // also being changed to ExternalName (which requires this field to be 4112 // empty) or the type field is being changed from ExternalName (in which 4113 // case this field may optionally be specified, as describe above). Valid 4114 // values are "None", empty string (""), or a valid IP address. Setting 4115 // this to "None" makes a "headless service" (no virtual IP), which is 4116 // useful when direct endpoint connections are preferred and proxying is 4117 // not required. Only applies to types ClusterIP, NodePort, and 4118 // LoadBalancer. If this field is specified when creating a Service of type 4119 // ExternalName, creation will fail. This field will be wiped when updating 4120 // a Service to type ExternalName. If this field is not specified, it will 4121 // be initialized from the clusterIP field. If this field is specified, 4122 // clients must ensure that clusterIPs[0] and clusterIP have the same 4123 // value. 4124 // 4125 // Unless the "IPv6DualStack" feature gate is enabled, this field is 4126 // limited to one value, which must be the same as the clusterIP field. If 4127 // the feature gate is enabled, this field may hold a maximum of two 4128 // entries (dual-stack IPs, in either order). These IPs must correspond to 4129 // the values of the ipFamilies field. Both clusterIPs and ipFamilies are 4130 // governed by the ipFamilyPolicy field. 4131 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies 4132 // +listType=atomic 4133 // +optional 4134 ClusterIPs []string `json:"clusterIPs,omitempty" protobuf:"bytes,18,opt,name=clusterIPs"` 4135 4136 // type determines how the Service is exposed. Defaults to ClusterIP. Valid 4137 // options are ExternalName, ClusterIP, NodePort, and LoadBalancer. 4138 // "ClusterIP" allocates a cluster-internal IP address for load-balancing 4139 // to endpoints. Endpoints are determined by the selector or if that is not 4140 // specified, by manual construction of an Endpoints object or 4141 // EndpointSlice objects. If clusterIP is "None", no virtual IP is 4142 // allocated and the endpoints are published as a set of endpoints rather 4143 // than a virtual IP. 4144 // "NodePort" builds on ClusterIP and allocates a port on every node which 4145 // routes to the same endpoints as the clusterIP. 4146 // "LoadBalancer" builds on NodePort and creates an external load-balancer 4147 // (if supported in the current cloud) which routes to the same endpoints 4148 // as the clusterIP. 4149 // "ExternalName" aliases this service to the specified externalName. 4150 // Several other fields do not apply to ExternalName services. 4151 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types 4152 // +optional 4153 Type ServiceType `json:"type,omitempty" protobuf:"bytes,4,opt,name=type,casttype=ServiceType"` 4154 4155 // externalIPs is a list of IP addresses for which nodes in the cluster 4156 // will also accept traffic for this service. These IPs are not managed by 4157 // Kubernetes. The user is responsible for ensuring that traffic arrives 4158 // at a node with this IP. A common example is external load-balancers 4159 // that are not part of the Kubernetes system. 4160 // +optional 4161 ExternalIPs []string `json:"externalIPs,omitempty" protobuf:"bytes,5,rep,name=externalIPs"` 4162 4163 // Supports "ClientIP" and "None". Used to maintain session affinity. 4164 // Enable client IP based session affinity. 4165 // Must be ClientIP or None. 4166 // Defaults to None. 4167 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies 4168 // +optional 4169 SessionAffinity ServiceAffinity `json:"sessionAffinity,omitempty" protobuf:"bytes,7,opt,name=sessionAffinity,casttype=ServiceAffinity"` 4170 4171 // Only applies to Service Type: LoadBalancer 4172 // LoadBalancer will get created with the IP specified in this field. 4173 // This feature depends on whether the underlying cloud-provider supports specifying 4174 // the loadBalancerIP when a load balancer is created. 4175 // This field will be ignored if the cloud-provider does not support the feature. 4176 // +optional 4177 LoadBalancerIP string `json:"loadBalancerIP,omitempty" protobuf:"bytes,8,opt,name=loadBalancerIP"` 4178 4179 // If specified and supported by the platform, this will restrict traffic through the cloud-provider 4180 // load-balancer will be restricted to the specified client IPs. This field will be ignored if the 4181 // cloud-provider does not support the feature." 4182 // More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/ 4183 // +optional 4184 LoadBalancerSourceRanges []string `json:"loadBalancerSourceRanges,omitempty" protobuf:"bytes,9,opt,name=loadBalancerSourceRanges"` 4185 4186 // externalName is the external reference that discovery mechanisms will 4187 // return as an alias for this service (e.g. a DNS CNAME record). No 4188 // proxying will be involved. Must be a lowercase RFC-1123 hostname 4189 // (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". 4190 // +optional 4191 ExternalName string `json:"externalName,omitempty" protobuf:"bytes,10,opt,name=externalName"` 4192 4193 // externalTrafficPolicy denotes if this Service desires to route external 4194 // traffic to node-local or cluster-wide endpoints. "Local" preserves the 4195 // client source IP and avoids a second hop for LoadBalancer and Nodeport 4196 // type services, but risks potentially imbalanced traffic spreading. 4197 // "Cluster" obscures the client source IP and may cause a second hop to 4198 // another node, but should have good overall load-spreading. 4199 // +optional 4200 ExternalTrafficPolicy ServiceExternalTrafficPolicyType `json:"externalTrafficPolicy,omitempty" protobuf:"bytes,11,opt,name=externalTrafficPolicy"` 4201 4202 // healthCheckNodePort specifies the healthcheck nodePort for the service. 4203 // This only applies when type is set to LoadBalancer and 4204 // externalTrafficPolicy is set to Local. If a value is specified, is 4205 // in-range, and is not in use, it will be used. If not specified, a value 4206 // will be automatically allocated. External systems (e.g. load-balancers) 4207 // can use this port to determine if a given node holds endpoints for this 4208 // service or not. If this field is specified when creating a Service 4209 // which does not need it, creation will fail. This field will be wiped 4210 // when updating a Service to no longer need it (e.g. changing type). 4211 // +optional 4212 HealthCheckNodePort int32 `json:"healthCheckNodePort,omitempty" protobuf:"bytes,12,opt,name=healthCheckNodePort"` 4213 4214 // publishNotReadyAddresses indicates that any agent which deals with endpoints for this 4215 // Service should disregard any indications of ready/not-ready. 4216 // The primary use case for setting this field is for a StatefulSet's Headless Service to 4217 // propagate SRV DNS records for its Pods for the purpose of peer discovery. 4218 // The Kubernetes controllers that generate Endpoints and EndpointSlice resources for 4219 // Services interpret this to mean that all endpoints are considered "ready" even if the 4220 // Pods themselves are not. Agents which consume only Kubernetes generated endpoints 4221 // through the Endpoints or EndpointSlice resources can safely assume this behavior. 4222 // +optional 4223 PublishNotReadyAddresses bool `json:"publishNotReadyAddresses,omitempty" protobuf:"varint,13,opt,name=publishNotReadyAddresses"` 4224 4225 // sessionAffinityConfig contains the configurations of session affinity. 4226 // +optional 4227 SessionAffinityConfig *SessionAffinityConfig `json:"sessionAffinityConfig,omitempty" protobuf:"bytes,14,opt,name=sessionAffinityConfig"` 4228 4229 // topologyKeys is a preference-order list of topology keys which 4230 // implementations of services should use to preferentially sort endpoints 4231 // when accessing this Service, it can not be used at the same time as 4232 // externalTrafficPolicy=Local. 4233 // Topology keys must be valid label keys and at most 16 keys may be specified. 4234 // Endpoints are chosen based on the first topology key with available backends. 4235 // If this field is specified and all entries have no backends that match 4236 // the topology of the client, the service has no backends for that client 4237 // and connections should fail. 4238 // The special value "*" may be used to mean "any topology". This catch-all 4239 // value, if used, only makes sense as the last value in the list. 4240 // If this is not specified or empty, no topology constraints will be applied. 4241 // This field is alpha-level and is only honored by servers that enable the ServiceTopology feature. 4242 // This field is deprecated and will be removed in a future version. 4243 // +optional 4244 TopologyKeys []string `json:"topologyKeys,omitempty" protobuf:"bytes,16,opt,name=topologyKeys"` 4245 4246 // IPFamily is tombstoned to show why 15 is a reserved protobuf tag. 4247 // IPFamily *IPFamily `json:"ipFamily,omitempty" protobuf:"bytes,15,opt,name=ipFamily,Configcasttype=IPFamily"` 4248 4249 // IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this 4250 // service, and is gated by the "IPv6DualStack" feature gate. This field 4251 // is usually assigned automatically based on cluster configuration and the 4252 // ipFamilyPolicy field. If this field is specified manually, the requested 4253 // family is available in the cluster, and ipFamilyPolicy allows it, it 4254 // will be used; otherwise creation of the service will fail. This field 4255 // is conditionally mutable: it allows for adding or removing a secondary 4256 // IP family, but it does not allow changing the primary IP family of the 4257 // Service. Valid values are "IPv4" and "IPv6". This field only applies 4258 // to Services of types ClusterIP, NodePort, and LoadBalancer, and does 4259 // apply to "headless" services. This field will be wiped when updating a 4260 // Service to type ExternalName. 4261 // 4262 // This field may hold a maximum of two entries (dual-stack families, in 4263 // either order). These families must correspond to the values of the 4264 // clusterIPs field, if specified. Both clusterIPs and ipFamilies are 4265 // governed by the ipFamilyPolicy field. 4266 // +listType=atomic 4267 // +optional 4268 IPFamilies []IPFamily `json:"ipFamilies,omitempty" protobuf:"bytes,19,opt,name=ipFamilies,casttype=IPFamily"` 4269 4270 // IPFamilyPolicy represents the dual-stack-ness requested or required by 4271 // this Service, and is gated by the "IPv6DualStack" feature gate. If 4272 // there is no value provided, then this field will be set to SingleStack. 4273 // Services can be "SingleStack" (a single IP family), "PreferDualStack" 4274 // (two IP families on dual-stack configured clusters or a single IP family 4275 // on single-stack clusters), or "RequireDualStack" (two IP families on 4276 // dual-stack configured clusters, otherwise fail). The ipFamilies and 4277 // clusterIPs fields depend on the value of this field. This field will be 4278 // wiped when updating a service to type ExternalName. 4279 // +optional 4280 IPFamilyPolicy *IPFamilyPolicyType `json:"ipFamilyPolicy,omitempty" protobuf:"bytes,17,opt,name=ipFamilyPolicy,casttype=IPFamilyPolicyType"` 4281 4282 // allocateLoadBalancerNodePorts defines if NodePorts will be automatically 4283 // allocated for services with type LoadBalancer. Default is "true". It may be 4284 // set to "false" if the cluster load-balancer does not rely on NodePorts. 4285 // allocateLoadBalancerNodePorts may only be set for services with type LoadBalancer 4286 // and will be cleared if the type is changed to any other type. 4287 // This field is alpha-level and is only honored by servers that enable the ServiceLBNodePortControl feature. 4288 // +optional 4289 AllocateLoadBalancerNodePorts *bool `json:"allocateLoadBalancerNodePorts,omitempty" protobuf:"bytes,20,opt,name=allocateLoadBalancerNodePorts"` 4290 4291 // loadBalancerClass is the class of the load balancer implementation this Service belongs to. 4292 // If specified, the value of this field must be a label-style identifier, with an optional prefix, 4293 // e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. 4294 // This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load 4295 // balancer implementation is used, today this is typically done through the cloud provider integration, 4296 // but should apply for any default implementation. If set, it is assumed that a load balancer 4297 // implementation is watching for Services with a matching class. Any default load balancer 4298 // implementation (e.g. cloud providers) should ignore Services that set this field. 4299 // This field can only be set when creating or updating a Service to type 'LoadBalancer'. 4300 // Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. 4301 // +featureGate=LoadBalancerClass 4302 // +optional 4303 LoadBalancerClass *string `json:"loadBalancerClass,omitempty" protobuf:"bytes,21,opt,name=loadBalancerClass"` 4304 4305 // InternalTrafficPolicy specifies if the cluster internal traffic 4306 // should be routed to all endpoints or node-local endpoints only. 4307 // "Cluster" routes internal traffic to a Service to all endpoints. 4308 // "Local" routes traffic to node-local endpoints only, traffic is 4309 // dropped if no node-local endpoints are ready. 4310 // The default value is "Cluster". 4311 // +featureGate=ServiceInternalTrafficPolicy 4312 // +optional 4313 InternalTrafficPolicy *ServiceInternalTrafficPolicyType `json:"internalTrafficPolicy,omitempty" protobuf:"bytes,22,opt,name=internalTrafficPolicy"` 4314} 4315 4316// ServicePort contains information on service's port. 4317type ServicePort struct { 4318 // The name of this port within the service. This must be a DNS_LABEL. 4319 // All ports within a ServiceSpec must have unique names. When considering 4320 // the endpoints for a Service, this must match the 'name' field in the 4321 // EndpointPort. 4322 // Optional if only one ServicePort is defined on this service. 4323 // +optional 4324 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 4325 4326 // The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". 4327 // Default is TCP. 4328 // +default="TCP" 4329 // +optional 4330 Protocol Protocol `json:"protocol,omitempty" protobuf:"bytes,2,opt,name=protocol,casttype=Protocol"` 4331 4332 // The application protocol for this port. 4333 // This field follows standard Kubernetes label syntax. 4334 // Un-prefixed names are reserved for IANA standard service names (as per 4335 // RFC-6335 and http://www.iana.org/assignments/service-names). 4336 // Non-standard protocols should use prefixed names such as 4337 // mycompany.com/my-custom-protocol. 4338 // This is a beta field that is guarded by the ServiceAppProtocol feature 4339 // gate and enabled by default. 4340 // +optional 4341 AppProtocol *string `json:"appProtocol,omitempty" protobuf:"bytes,6,opt,name=appProtocol"` 4342 4343 // The port that will be exposed by this service. 4344 Port int32 `json:"port" protobuf:"varint,3,opt,name=port"` 4345 4346 // Number or name of the port to access on the pods targeted by the service. 4347 // Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4348 // If this is a string, it will be looked up as a named port in the 4349 // target Pod's container ports. If this is not specified, the value 4350 // of the 'port' field is used (an identity map). 4351 // This field is ignored for services with clusterIP=None, and should be 4352 // omitted or set equal to the 'port' field. 4353 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service 4354 // +optional 4355 TargetPort intstr.IntOrString `json:"targetPort,omitempty" protobuf:"bytes,4,opt,name=targetPort"` 4356 4357 // The port on each node on which this service is exposed when type is 4358 // NodePort or LoadBalancer. Usually assigned by the system. If a value is 4359 // specified, in-range, and not in use it will be used, otherwise the 4360 // operation will fail. If not specified, a port will be allocated if this 4361 // Service requires one. If this field is specified when creating a 4362 // Service which does not need it, creation will fail. This field will be 4363 // wiped when updating a Service to no longer need it (e.g. changing type 4364 // from NodePort to ClusterIP). 4365 // More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport 4366 // +optional 4367 NodePort int32 `json:"nodePort,omitempty" protobuf:"varint,5,opt,name=nodePort"` 4368} 4369 4370// +genclient 4371// +genclient:skipVerbs=deleteCollection 4372// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4373 4374// Service is a named abstraction of software service (for example, mysql) consisting of local port 4375// (for example 3306) that the proxy listens on, and the selector that determines which pods 4376// will answer requests sent through the proxy. 4377type Service struct { 4378 metav1.TypeMeta `json:",inline"` 4379 // Standard object's metadata. 4380 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4381 // +optional 4382 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4383 4384 // Spec defines the behavior of a service. 4385 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4386 // +optional 4387 Spec ServiceSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 4388 4389 // Most recently observed status of the service. 4390 // Populated by the system. 4391 // Read-only. 4392 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4393 // +optional 4394 Status ServiceStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 4395} 4396 4397const ( 4398 // ClusterIPNone - do not assign a cluster IP 4399 // no proxying required and no environment variables should be created for pods 4400 ClusterIPNone = "None" 4401) 4402 4403// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4404 4405// ServiceList holds a list of services. 4406type ServiceList struct { 4407 metav1.TypeMeta `json:",inline"` 4408 // Standard list metadata. 4409 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4410 // +optional 4411 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4412 4413 // List of services 4414 Items []Service `json:"items" protobuf:"bytes,2,rep,name=items"` 4415} 4416 4417// +genclient 4418// +genclient:method=CreateToken,verb=create,subresource=token,input=k8s.io/api/authentication/v1.TokenRequest,result=k8s.io/api/authentication/v1.TokenRequest 4419// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4420 4421// ServiceAccount binds together: 4422// * a name, understood by users, and perhaps by peripheral systems, for an identity 4423// * a principal that can be authenticated and authorized 4424// * a set of secrets 4425type ServiceAccount struct { 4426 metav1.TypeMeta `json:",inline"` 4427 // Standard object's metadata. 4428 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4429 // +optional 4430 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4431 4432 // Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount. 4433 // More info: https://kubernetes.io/docs/concepts/configuration/secret 4434 // +optional 4435 // +patchMergeKey=name 4436 // +patchStrategy=merge 4437 Secrets []ObjectReference `json:"secrets,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=secrets"` 4438 4439 // ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images 4440 // in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets 4441 // can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. 4442 // More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod 4443 // +optional 4444 ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" protobuf:"bytes,3,rep,name=imagePullSecrets"` 4445 4446 // AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. 4447 // Can be overridden at the pod level. 4448 // +optional 4449 AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty" protobuf:"varint,4,opt,name=automountServiceAccountToken"` 4450} 4451 4452// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4453 4454// ServiceAccountList is a list of ServiceAccount objects 4455type ServiceAccountList struct { 4456 metav1.TypeMeta `json:",inline"` 4457 // Standard list metadata. 4458 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4459 // +optional 4460 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4461 4462 // List of ServiceAccounts. 4463 // More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ 4464 Items []ServiceAccount `json:"items" protobuf:"bytes,2,rep,name=items"` 4465} 4466 4467// +genclient 4468// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4469 4470// Endpoints is a collection of endpoints that implement the actual service. Example: 4471// Name: "mysvc", 4472// Subsets: [ 4473// { 4474// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], 4475// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] 4476// }, 4477// { 4478// Addresses: [{"ip": "10.10.3.3"}], 4479// Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}] 4480// }, 4481// ] 4482type Endpoints struct { 4483 metav1.TypeMeta `json:",inline"` 4484 // Standard object's metadata. 4485 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4486 // +optional 4487 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4488 4489 // The set of all endpoints is the union of all subsets. Addresses are placed into 4490 // subsets according to the IPs they share. A single address with multiple ports, 4491 // some of which are ready and some of which are not (because they come from 4492 // different containers) will result in the address being displayed in different 4493 // subsets for the different ports. No address will appear in both Addresses and 4494 // NotReadyAddresses in the same subset. 4495 // Sets of addresses and ports that comprise a service. 4496 // +optional 4497 Subsets []EndpointSubset `json:"subsets,omitempty" protobuf:"bytes,2,rep,name=subsets"` 4498} 4499 4500// EndpointSubset is a group of addresses with a common set of ports. The 4501// expanded set of endpoints is the Cartesian product of Addresses x Ports. 4502// For example, given: 4503// { 4504// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], 4505// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] 4506// } 4507// The resulting set of endpoints can be viewed as: 4508// a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], 4509// b: [ 10.10.1.1:309, 10.10.2.2:309 ] 4510type EndpointSubset struct { 4511 // IP addresses which offer the related ports that are marked as ready. These endpoints 4512 // should be considered safe for load balancers and clients to utilize. 4513 // +optional 4514 Addresses []EndpointAddress `json:"addresses,omitempty" protobuf:"bytes,1,rep,name=addresses"` 4515 // IP addresses which offer the related ports but are not currently marked as ready 4516 // because they have not yet finished starting, have recently failed a readiness check, 4517 // or have recently failed a liveness check. 4518 // +optional 4519 NotReadyAddresses []EndpointAddress `json:"notReadyAddresses,omitempty" protobuf:"bytes,2,rep,name=notReadyAddresses"` 4520 // Port numbers available on the related IP addresses. 4521 // +optional 4522 Ports []EndpointPort `json:"ports,omitempty" protobuf:"bytes,3,rep,name=ports"` 4523} 4524 4525// EndpointAddress is a tuple that describes single IP address. 4526type EndpointAddress struct { 4527 // The IP of this endpoint. 4528 // May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), 4529 // or link-local multicast ((224.0.0.0/24). 4530 // IPv6 is also accepted but not fully supported on all platforms. Also, certain 4531 // kubernetes components, like kube-proxy, are not IPv6 ready. 4532 // TODO: This should allow hostname or IP, See #4447. 4533 IP string `json:"ip" protobuf:"bytes,1,opt,name=ip"` 4534 // The Hostname of this endpoint 4535 // +optional 4536 Hostname string `json:"hostname,omitempty" protobuf:"bytes,3,opt,name=hostname"` 4537 // Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node. 4538 // +optional 4539 NodeName *string `json:"nodeName,omitempty" protobuf:"bytes,4,opt,name=nodeName"` 4540 // Reference to object providing the endpoint. 4541 // +optional 4542 TargetRef *ObjectReference `json:"targetRef,omitempty" protobuf:"bytes,2,opt,name=targetRef"` 4543} 4544 4545// EndpointPort is a tuple that describes a single port. 4546type EndpointPort struct { 4547 // The name of this port. This must match the 'name' field in the 4548 // corresponding ServicePort. 4549 // Must be a DNS_LABEL. 4550 // Optional only if one port is defined. 4551 // +optional 4552 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 4553 4554 // The port number of the endpoint. 4555 Port int32 `json:"port" protobuf:"varint,2,opt,name=port"` 4556 4557 // The IP protocol for this port. 4558 // Must be UDP, TCP, or SCTP. 4559 // Default is TCP. 4560 // +optional 4561 Protocol Protocol `json:"protocol,omitempty" protobuf:"bytes,3,opt,name=protocol,casttype=Protocol"` 4562 4563 // The application protocol for this port. 4564 // This field follows standard Kubernetes label syntax. 4565 // Un-prefixed names are reserved for IANA standard service names (as per 4566 // RFC-6335 and http://www.iana.org/assignments/service-names). 4567 // Non-standard protocols should use prefixed names such as 4568 // mycompany.com/my-custom-protocol. 4569 // This is a beta field that is guarded by the ServiceAppProtocol feature 4570 // gate and enabled by default. 4571 // +optional 4572 AppProtocol *string `json:"appProtocol,omitempty" protobuf:"bytes,4,opt,name=appProtocol"` 4573} 4574 4575// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4576 4577// EndpointsList is a list of endpoints. 4578type EndpointsList struct { 4579 metav1.TypeMeta `json:",inline"` 4580 // Standard list metadata. 4581 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4582 // +optional 4583 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4584 4585 // List of endpoints. 4586 Items []Endpoints `json:"items" protobuf:"bytes,2,rep,name=items"` 4587} 4588 4589// NodeSpec describes the attributes that a node is created with. 4590type NodeSpec struct { 4591 // PodCIDR represents the pod IP range assigned to the node. 4592 // +optional 4593 PodCIDR string `json:"podCIDR,omitempty" protobuf:"bytes,1,opt,name=podCIDR"` 4594 4595 // podCIDRs represents the IP ranges assigned to the node for usage by Pods on that node. If this 4596 // field is specified, the 0th entry must match the podCIDR field. It may contain at most 1 value for 4597 // each of IPv4 and IPv6. 4598 // +optional 4599 // +patchStrategy=merge 4600 PodCIDRs []string `json:"podCIDRs,omitempty" protobuf:"bytes,7,opt,name=podCIDRs" patchStrategy:"merge"` 4601 4602 // ID of the node assigned by the cloud provider in the format: <ProviderName>://<ProviderSpecificNodeID> 4603 // +optional 4604 ProviderID string `json:"providerID,omitempty" protobuf:"bytes,3,opt,name=providerID"` 4605 // Unschedulable controls node schedulability of new pods. By default, node is schedulable. 4606 // More info: https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration 4607 // +optional 4608 Unschedulable bool `json:"unschedulable,omitempty" protobuf:"varint,4,opt,name=unschedulable"` 4609 // If specified, the node's taints. 4610 // +optional 4611 Taints []Taint `json:"taints,omitempty" protobuf:"bytes,5,opt,name=taints"` 4612 // If specified, the source to get node configuration from 4613 // The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field 4614 // +optional 4615 ConfigSource *NodeConfigSource `json:"configSource,omitempty" protobuf:"bytes,6,opt,name=configSource"` 4616 4617 // Deprecated. Not all kubelets will set this field. Remove field after 1.13. 4618 // see: https://issues.k8s.io/61966 4619 // +optional 4620 DoNotUseExternalID string `json:"externalID,omitempty" protobuf:"bytes,2,opt,name=externalID"` 4621} 4622 4623// NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil. 4624type NodeConfigSource struct { 4625 // For historical context, regarding the below kind, apiVersion, and configMapRef deprecation tags: 4626 // 1. kind/apiVersion were used by the kubelet to persist this struct to disk (they had no protobuf tags) 4627 // 2. configMapRef and proto tag 1 were used by the API to refer to a configmap, 4628 // but used a generic ObjectReference type that didn't really have the fields we needed 4629 // All uses/persistence of the NodeConfigSource struct prior to 1.11 were gated by alpha feature flags, 4630 // so there was no persisted data for these fields that needed to be migrated/handled. 4631 4632 // +k8s:deprecated=kind 4633 // +k8s:deprecated=apiVersion 4634 // +k8s:deprecated=configMapRef,protobuf=1 4635 4636 // ConfigMap is a reference to a Node's ConfigMap 4637 ConfigMap *ConfigMapNodeConfigSource `json:"configMap,omitempty" protobuf:"bytes,2,opt,name=configMap"` 4638} 4639 4640// ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node. 4641type ConfigMapNodeConfigSource struct { 4642 // Namespace is the metadata.namespace of the referenced ConfigMap. 4643 // This field is required in all cases. 4644 Namespace string `json:"namespace" protobuf:"bytes,1,opt,name=namespace"` 4645 4646 // Name is the metadata.name of the referenced ConfigMap. 4647 // This field is required in all cases. 4648 Name string `json:"name" protobuf:"bytes,2,opt,name=name"` 4649 4650 // UID is the metadata.UID of the referenced ConfigMap. 4651 // This field is forbidden in Node.Spec, and required in Node.Status. 4652 // +optional 4653 UID types.UID `json:"uid,omitempty" protobuf:"bytes,3,opt,name=uid"` 4654 4655 // ResourceVersion is the metadata.ResourceVersion of the referenced ConfigMap. 4656 // This field is forbidden in Node.Spec, and required in Node.Status. 4657 // +optional 4658 ResourceVersion string `json:"resourceVersion,omitempty" protobuf:"bytes,4,opt,name=resourceVersion"` 4659 4660 // KubeletConfigKey declares which key of the referenced ConfigMap corresponds to the KubeletConfiguration structure 4661 // This field is required in all cases. 4662 KubeletConfigKey string `json:"kubeletConfigKey" protobuf:"bytes,5,opt,name=kubeletConfigKey"` 4663} 4664 4665// DaemonEndpoint contains information about a single Daemon endpoint. 4666type DaemonEndpoint struct { 4667 /* 4668 The port tag was not properly in quotes in earlier releases, so it must be 4669 uppercased for backwards compat (since it was falling back to var name of 4670 'Port'). 4671 */ 4672 4673 // Port number of the given endpoint. 4674 Port int32 `json:"Port" protobuf:"varint,1,opt,name=Port"` 4675} 4676 4677// NodeDaemonEndpoints lists ports opened by daemons running on the Node. 4678type NodeDaemonEndpoints struct { 4679 // Endpoint on which Kubelet is listening. 4680 // +optional 4681 KubeletEndpoint DaemonEndpoint `json:"kubeletEndpoint,omitempty" protobuf:"bytes,1,opt,name=kubeletEndpoint"` 4682} 4683 4684// NodeSystemInfo is a set of ids/uuids to uniquely identify the node. 4685type NodeSystemInfo struct { 4686 // MachineID reported by the node. For unique machine identification 4687 // in the cluster this field is preferred. Learn more from man(5) 4688 // machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html 4689 MachineID string `json:"machineID" protobuf:"bytes,1,opt,name=machineID"` 4690 // SystemUUID reported by the node. For unique machine identification 4691 // MachineID is preferred. This field is specific to Red Hat hosts 4692 // https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid 4693 SystemUUID string `json:"systemUUID" protobuf:"bytes,2,opt,name=systemUUID"` 4694 // Boot ID reported by the node. 4695 BootID string `json:"bootID" protobuf:"bytes,3,opt,name=bootID"` 4696 // Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64). 4697 KernelVersion string `json:"kernelVersion" protobuf:"bytes,4,opt,name=kernelVersion"` 4698 // OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)). 4699 OSImage string `json:"osImage" protobuf:"bytes,5,opt,name=osImage"` 4700 // ContainerRuntime Version reported by the node through runtime remote API (e.g. docker://1.5.0). 4701 ContainerRuntimeVersion string `json:"containerRuntimeVersion" protobuf:"bytes,6,opt,name=containerRuntimeVersion"` 4702 // Kubelet Version reported by the node. 4703 KubeletVersion string `json:"kubeletVersion" protobuf:"bytes,7,opt,name=kubeletVersion"` 4704 // KubeProxy Version reported by the node. 4705 KubeProxyVersion string `json:"kubeProxyVersion" protobuf:"bytes,8,opt,name=kubeProxyVersion"` 4706 // The Operating System reported by the node 4707 OperatingSystem string `json:"operatingSystem" protobuf:"bytes,9,opt,name=operatingSystem"` 4708 // The Architecture reported by the node 4709 Architecture string `json:"architecture" protobuf:"bytes,10,opt,name=architecture"` 4710} 4711 4712// NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource. 4713type NodeConfigStatus struct { 4714 // Assigned reports the checkpointed config the node will try to use. 4715 // When Node.Spec.ConfigSource is updated, the node checkpoints the associated 4716 // config payload to local disk, along with a record indicating intended 4717 // config. The node refers to this record to choose its config checkpoint, and 4718 // reports this record in Assigned. Assigned only updates in the status after 4719 // the record has been checkpointed to disk. When the Kubelet is restarted, 4720 // it tries to make the Assigned config the Active config by loading and 4721 // validating the checkpointed payload identified by Assigned. 4722 // +optional 4723 Assigned *NodeConfigSource `json:"assigned,omitempty" protobuf:"bytes,1,opt,name=assigned"` 4724 // Active reports the checkpointed config the node is actively using. 4725 // Active will represent either the current version of the Assigned config, 4726 // or the current LastKnownGood config, depending on whether attempting to use the 4727 // Assigned config results in an error. 4728 // +optional 4729 Active *NodeConfigSource `json:"active,omitempty" protobuf:"bytes,2,opt,name=active"` 4730 // LastKnownGood reports the checkpointed config the node will fall back to 4731 // when it encounters an error attempting to use the Assigned config. 4732 // The Assigned config becomes the LastKnownGood config when the node determines 4733 // that the Assigned config is stable and correct. 4734 // This is currently implemented as a 10-minute soak period starting when the local 4735 // record of Assigned config is updated. If the Assigned config is Active at the end 4736 // of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is 4737 // reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, 4738 // because the local default config is always assumed good. 4739 // You should not make assumptions about the node's method of determining config stability 4740 // and correctness, as this may change or become configurable in the future. 4741 // +optional 4742 LastKnownGood *NodeConfigSource `json:"lastKnownGood,omitempty" protobuf:"bytes,3,opt,name=lastKnownGood"` 4743 // Error describes any problems reconciling the Spec.ConfigSource to the Active config. 4744 // Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned 4745 // record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting 4746 // to load or validate the Assigned config, etc. 4747 // Errors may occur at different points while syncing config. Earlier errors (e.g. download or 4748 // checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across 4749 // Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in 4750 // a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error 4751 // by fixing the config assigned in Spec.ConfigSource. 4752 // You can find additional information for debugging by searching the error message in the Kubelet log. 4753 // Error is a human-readable description of the error state; machines can check whether or not Error 4754 // is empty, but should not rely on the stability of the Error text across Kubelet versions. 4755 // +optional 4756 Error string `json:"error,omitempty" protobuf:"bytes,4,opt,name=error"` 4757} 4758 4759// NodeStatus is information about the current status of a node. 4760type NodeStatus struct { 4761 // Capacity represents the total resources of a node. 4762 // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity 4763 // +optional 4764 Capacity ResourceList `json:"capacity,omitempty" protobuf:"bytes,1,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"` 4765 // Allocatable represents the resources of a node that are available for scheduling. 4766 // Defaults to Capacity. 4767 // +optional 4768 Allocatable ResourceList `json:"allocatable,omitempty" protobuf:"bytes,2,rep,name=allocatable,casttype=ResourceList,castkey=ResourceName"` 4769 // NodePhase is the recently observed lifecycle phase of the node. 4770 // More info: https://kubernetes.io/docs/concepts/nodes/node/#phase 4771 // The field is never populated, and now is deprecated. 4772 // +optional 4773 Phase NodePhase `json:"phase,omitempty" protobuf:"bytes,3,opt,name=phase,casttype=NodePhase"` 4774 // Conditions is an array of current observed node conditions. 4775 // More info: https://kubernetes.io/docs/concepts/nodes/node/#condition 4776 // +optional 4777 // +patchMergeKey=type 4778 // +patchStrategy=merge 4779 Conditions []NodeCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,4,rep,name=conditions"` 4780 // List of addresses reachable to the node. 4781 // Queried from cloud provider, if available. 4782 // More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses 4783 // Note: This field is declared as mergeable, but the merge key is not sufficiently 4784 // unique, which can cause data corruption when it is merged. Callers should instead 4785 // use a full-replacement patch. See http://pr.k8s.io/79391 for an example. 4786 // +optional 4787 // +patchMergeKey=type 4788 // +patchStrategy=merge 4789 Addresses []NodeAddress `json:"addresses,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,5,rep,name=addresses"` 4790 // Endpoints of daemons running on the Node. 4791 // +optional 4792 DaemonEndpoints NodeDaemonEndpoints `json:"daemonEndpoints,omitempty" protobuf:"bytes,6,opt,name=daemonEndpoints"` 4793 // Set of ids/uuids to uniquely identify the node. 4794 // More info: https://kubernetes.io/docs/concepts/nodes/node/#info 4795 // +optional 4796 NodeInfo NodeSystemInfo `json:"nodeInfo,omitempty" protobuf:"bytes,7,opt,name=nodeInfo"` 4797 // List of container images on this node 4798 // +optional 4799 Images []ContainerImage `json:"images,omitempty" protobuf:"bytes,8,rep,name=images"` 4800 // List of attachable volumes in use (mounted) by the node. 4801 // +optional 4802 VolumesInUse []UniqueVolumeName `json:"volumesInUse,omitempty" protobuf:"bytes,9,rep,name=volumesInUse"` 4803 // List of volumes that are attached to the node. 4804 // +optional 4805 VolumesAttached []AttachedVolume `json:"volumesAttached,omitempty" protobuf:"bytes,10,rep,name=volumesAttached"` 4806 // Status of the config assigned to the node via the dynamic Kubelet config feature. 4807 // +optional 4808 Config *NodeConfigStatus `json:"config,omitempty" protobuf:"bytes,11,opt,name=config"` 4809} 4810 4811type UniqueVolumeName string 4812 4813// AttachedVolume describes a volume attached to a node 4814type AttachedVolume struct { 4815 // Name of the attached volume 4816 Name UniqueVolumeName `json:"name" protobuf:"bytes,1,rep,name=name"` 4817 4818 // DevicePath represents the device path where the volume should be available 4819 DevicePath string `json:"devicePath" protobuf:"bytes,2,rep,name=devicePath"` 4820} 4821 4822// AvoidPods describes pods that should avoid this node. This is the value for a 4823// Node annotation with key scheduler.alpha.kubernetes.io/preferAvoidPods and 4824// will eventually become a field of NodeStatus. 4825type AvoidPods struct { 4826 // Bounded-sized list of signatures of pods that should avoid this node, sorted 4827 // in timestamp order from oldest to newest. Size of the slice is unspecified. 4828 // +optional 4829 PreferAvoidPods []PreferAvoidPodsEntry `json:"preferAvoidPods,omitempty" protobuf:"bytes,1,rep,name=preferAvoidPods"` 4830} 4831 4832// Describes a class of pods that should avoid this node. 4833type PreferAvoidPodsEntry struct { 4834 // The class of pods. 4835 PodSignature PodSignature `json:"podSignature" protobuf:"bytes,1,opt,name=podSignature"` 4836 // Time at which this entry was added to the list. 4837 // +optional 4838 EvictionTime metav1.Time `json:"evictionTime,omitempty" protobuf:"bytes,2,opt,name=evictionTime"` 4839 // (brief) reason why this entry was added to the list. 4840 // +optional 4841 Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` 4842 // Human readable message indicating why this entry was added to the list. 4843 // +optional 4844 Message string `json:"message,omitempty" protobuf:"bytes,4,opt,name=message"` 4845} 4846 4847// Describes the class of pods that should avoid this node. 4848// Exactly one field should be set. 4849type PodSignature struct { 4850 // Reference to controller whose pods should avoid this node. 4851 // +optional 4852 PodController *metav1.OwnerReference `json:"podController,omitempty" protobuf:"bytes,1,opt,name=podController"` 4853} 4854 4855// Describe a container image 4856type ContainerImage struct { 4857 // Names by which this image is known. 4858 // e.g. ["k8s.gcr.io/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"] 4859 Names []string `json:"names" protobuf:"bytes,1,rep,name=names"` 4860 // The size of the image in bytes. 4861 // +optional 4862 SizeBytes int64 `json:"sizeBytes,omitempty" protobuf:"varint,2,opt,name=sizeBytes"` 4863} 4864 4865type NodePhase string 4866 4867// These are the valid phases of node. 4868const ( 4869 // NodePending means the node has been created/added by the system, but not configured. 4870 NodePending NodePhase = "Pending" 4871 // NodeRunning means the node has been configured and has Kubernetes components running. 4872 NodeRunning NodePhase = "Running" 4873 // NodeTerminated means the node has been removed from the cluster. 4874 NodeTerminated NodePhase = "Terminated" 4875) 4876 4877type NodeConditionType string 4878 4879// These are valid conditions of node. Currently, we don't have enough information to decide 4880// node condition. In the future, we will add more. The proposed set of conditions are: 4881// NodeReachable, NodeLive, NodeReady, NodeSchedulable, NodeRunnable. 4882const ( 4883 // NodeReady means kubelet is healthy and ready to accept pods. 4884 NodeReady NodeConditionType = "Ready" 4885 // NodeMemoryPressure means the kubelet is under pressure due to insufficient available memory. 4886 NodeMemoryPressure NodeConditionType = "MemoryPressure" 4887 // NodeDiskPressure means the kubelet is under pressure due to insufficient available disk. 4888 NodeDiskPressure NodeConditionType = "DiskPressure" 4889 // NodePIDPressure means the kubelet is under pressure due to insufficient available PID. 4890 NodePIDPressure NodeConditionType = "PIDPressure" 4891 // NodeNetworkUnavailable means that network for the node is not correctly configured. 4892 NodeNetworkUnavailable NodeConditionType = "NetworkUnavailable" 4893) 4894 4895// NodeCondition contains condition information for a node. 4896type NodeCondition struct { 4897 // Type of node condition. 4898 Type NodeConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=NodeConditionType"` 4899 // Status of the condition, one of True, False, Unknown. 4900 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 4901 // Last time we got an update on a given condition. 4902 // +optional 4903 LastHeartbeatTime metav1.Time `json:"lastHeartbeatTime,omitempty" protobuf:"bytes,3,opt,name=lastHeartbeatTime"` 4904 // Last time the condition transit from one status to another. 4905 // +optional 4906 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"` 4907 // (brief) reason for the condition's last transition. 4908 // +optional 4909 Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"` 4910 // Human readable message indicating details about last transition. 4911 // +optional 4912 Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"` 4913} 4914 4915type NodeAddressType string 4916 4917// These are valid address type of node. 4918const ( 4919 NodeHostName NodeAddressType = "Hostname" 4920 NodeExternalIP NodeAddressType = "ExternalIP" 4921 NodeInternalIP NodeAddressType = "InternalIP" 4922 NodeExternalDNS NodeAddressType = "ExternalDNS" 4923 NodeInternalDNS NodeAddressType = "InternalDNS" 4924) 4925 4926// NodeAddress contains information for the node's address. 4927type NodeAddress struct { 4928 // Node address type, one of Hostname, ExternalIP or InternalIP. 4929 Type NodeAddressType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=NodeAddressType"` 4930 // The node address. 4931 Address string `json:"address" protobuf:"bytes,2,opt,name=address"` 4932} 4933 4934// ResourceName is the name identifying various resources in a ResourceList. 4935type ResourceName string 4936 4937// Resource names must be not more than 63 characters, consisting of upper- or lower-case alphanumeric characters, 4938// with the -, _, and . characters allowed anywhere, except the first or last character. 4939// The default convention, matching that for annotations, is to use lower-case names, with dashes, rather than 4940// camel case, separating compound words. 4941// Fully-qualified resource typenames are constructed from a DNS-style subdomain, followed by a slash `/` and a name. 4942const ( 4943 // CPU, in cores. (500m = .5 cores) 4944 ResourceCPU ResourceName = "cpu" 4945 // Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 4946 ResourceMemory ResourceName = "memory" 4947 // Volume size, in bytes (e,g. 5Gi = 5GiB = 5 * 1024 * 1024 * 1024) 4948 ResourceStorage ResourceName = "storage" 4949 // Local ephemeral storage, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 4950 // The resource name for ResourceEphemeralStorage is alpha and it can change across releases. 4951 ResourceEphemeralStorage ResourceName = "ephemeral-storage" 4952) 4953 4954const ( 4955 // Default namespace prefix. 4956 ResourceDefaultNamespacePrefix = "kubernetes.io/" 4957 // Name prefix for huge page resources (alpha). 4958 ResourceHugePagesPrefix = "hugepages-" 4959 // Name prefix for storage resource limits 4960 ResourceAttachableVolumesPrefix = "attachable-volumes-" 4961) 4962 4963// ResourceList is a set of (resource name, quantity) pairs. 4964type ResourceList map[ResourceName]resource.Quantity 4965 4966// +genclient 4967// +genclient:nonNamespaced 4968// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4969 4970// Node is a worker node in Kubernetes. 4971// Each node will have a unique identifier in the cache (i.e. in etcd). 4972type Node struct { 4973 metav1.TypeMeta `json:",inline"` 4974 // Standard object's metadata. 4975 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 4976 // +optional 4977 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 4978 4979 // Spec defines the behavior of a node. 4980 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4981 // +optional 4982 Spec NodeSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 4983 4984 // Most recently observed status of the node. 4985 // Populated by the system. 4986 // Read-only. 4987 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 4988 // +optional 4989 Status NodeStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 4990} 4991 4992// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 4993 4994// NodeList is the whole list of all Nodes which have been registered with master. 4995type NodeList struct { 4996 metav1.TypeMeta `json:",inline"` 4997 // Standard list metadata. 4998 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4999 // +optional 5000 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5001 5002 // List of nodes 5003 Items []Node `json:"items" protobuf:"bytes,2,rep,name=items"` 5004} 5005 5006// FinalizerName is the name identifying a finalizer during namespace lifecycle. 5007type FinalizerName string 5008 5009// These are internal finalizer values to Kubernetes, must be qualified name unless defined here or 5010// in metav1. 5011const ( 5012 FinalizerKubernetes FinalizerName = "kubernetes" 5013) 5014 5015// NamespaceSpec describes the attributes on a Namespace. 5016type NamespaceSpec struct { 5017 // Finalizers is an opaque list of values that must be empty to permanently remove object from storage. 5018 // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/ 5019 // +optional 5020 Finalizers []FinalizerName `json:"finalizers,omitempty" protobuf:"bytes,1,rep,name=finalizers,casttype=FinalizerName"` 5021} 5022 5023// NamespaceStatus is information about the current status of a Namespace. 5024type NamespaceStatus struct { 5025 // Phase is the current lifecycle phase of the namespace. 5026 // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/ 5027 // +optional 5028 Phase NamespacePhase `json:"phase,omitempty" protobuf:"bytes,1,opt,name=phase,casttype=NamespacePhase"` 5029 5030 // Represents the latest available observations of a namespace's current state. 5031 // +optional 5032 // +patchMergeKey=type 5033 // +patchStrategy=merge 5034 Conditions []NamespaceCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"` 5035} 5036 5037type NamespacePhase string 5038 5039// These are the valid phases of a namespace. 5040const ( 5041 // NamespaceActive means the namespace is available for use in the system 5042 NamespaceActive NamespacePhase = "Active" 5043 // NamespaceTerminating means the namespace is undergoing graceful termination 5044 NamespaceTerminating NamespacePhase = "Terminating" 5045) 5046 5047const ( 5048 // NamespaceTerminatingCause is returned as a defaults.cause item when a change is 5049 // forbidden due to the namespace being terminated. 5050 NamespaceTerminatingCause metav1.CauseType = "NamespaceTerminating" 5051) 5052 5053type NamespaceConditionType string 5054 5055// These are valid conditions of a namespace. 5056const ( 5057 // NamespaceDeletionDiscoveryFailure contains information about namespace deleter errors during resource discovery. 5058 NamespaceDeletionDiscoveryFailure NamespaceConditionType = "NamespaceDeletionDiscoveryFailure" 5059 // NamespaceDeletionContentFailure contains information about namespace deleter errors during deletion of resources. 5060 NamespaceDeletionContentFailure NamespaceConditionType = "NamespaceDeletionContentFailure" 5061 // NamespaceDeletionGVParsingFailure contains information about namespace deleter errors parsing GV for legacy types. 5062 NamespaceDeletionGVParsingFailure NamespaceConditionType = "NamespaceDeletionGroupVersionParsingFailure" 5063 // NamespaceContentRemaining contains information about resources remaining in a namespace. 5064 NamespaceContentRemaining NamespaceConditionType = "NamespaceContentRemaining" 5065 // NamespaceFinalizersRemaining contains information about which finalizers are on resources remaining in a namespace. 5066 NamespaceFinalizersRemaining NamespaceConditionType = "NamespaceFinalizersRemaining" 5067) 5068 5069// NamespaceCondition contains details about state of namespace. 5070type NamespaceCondition struct { 5071 // Type of namespace controller condition. 5072 Type NamespaceConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=NamespaceConditionType"` 5073 // Status of the condition, one of True, False, Unknown. 5074 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 5075 // +optional 5076 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"` 5077 // +optional 5078 Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"` 5079 // +optional 5080 Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"` 5081} 5082 5083// +genclient 5084// +genclient:nonNamespaced 5085// +genclient:skipVerbs=deleteCollection 5086// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5087 5088// Namespace provides a scope for Names. 5089// Use of multiple namespaces is optional. 5090type Namespace struct { 5091 metav1.TypeMeta `json:",inline"` 5092 // Standard object's metadata. 5093 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5094 // +optional 5095 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5096 5097 // Spec defines the behavior of the Namespace. 5098 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 5099 // +optional 5100 Spec NamespaceSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 5101 5102 // Status describes the current status of a Namespace. 5103 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 5104 // +optional 5105 Status NamespaceStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 5106} 5107 5108// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5109 5110// NamespaceList is a list of Namespaces. 5111type NamespaceList struct { 5112 metav1.TypeMeta `json:",inline"` 5113 // Standard list metadata. 5114 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5115 // +optional 5116 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5117 5118 // Items is the list of Namespace objects in the list. 5119 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ 5120 Items []Namespace `json:"items" protobuf:"bytes,2,rep,name=items"` 5121} 5122 5123// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5124 5125// Binding ties one object to another; for example, a pod is bound to a node by a scheduler. 5126// Deprecated in 1.7, please use the bindings subresource of pods instead. 5127type Binding struct { 5128 metav1.TypeMeta `json:",inline"` 5129 // Standard object's metadata. 5130 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5131 // +optional 5132 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5133 5134 // The target object that you want to bind to the standard object. 5135 Target ObjectReference `json:"target" protobuf:"bytes,2,opt,name=target"` 5136} 5137 5138// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5139 5140// A list of ephemeral containers used with the Pod ephemeralcontainers subresource. 5141type EphemeralContainers struct { 5142 metav1.TypeMeta `json:",inline"` 5143 // +optional 5144 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5145 5146 // A list of ephemeral containers associated with this pod. New ephemeral containers 5147 // may be appended to this list, but existing ephemeral containers may not be removed 5148 // or modified. 5149 // +patchMergeKey=name 5150 // +patchStrategy=merge 5151 EphemeralContainers []EphemeralContainer `json:"ephemeralContainers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=ephemeralContainers"` 5152} 5153 5154// Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out. 5155// +k8s:openapi-gen=false 5156type Preconditions struct { 5157 // Specifies the target UID. 5158 // +optional 5159 UID *types.UID `json:"uid,omitempty" protobuf:"bytes,1,opt,name=uid,casttype=k8s.io/apimachinery/pkg/types.UID"` 5160} 5161 5162// +k8s:conversion-gen:explicit-from=net/url.Values 5163// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5164 5165// PodLogOptions is the query options for a Pod's logs REST call. 5166type PodLogOptions struct { 5167 metav1.TypeMeta `json:",inline"` 5168 5169 // The container for which to stream logs. Defaults to only container if there is one container in the pod. 5170 // +optional 5171 Container string `json:"container,omitempty" protobuf:"bytes,1,opt,name=container"` 5172 // Follow the log stream of the pod. Defaults to false. 5173 // +optional 5174 Follow bool `json:"follow,omitempty" protobuf:"varint,2,opt,name=follow"` 5175 // Return previous terminated container logs. Defaults to false. 5176 // +optional 5177 Previous bool `json:"previous,omitempty" protobuf:"varint,3,opt,name=previous"` 5178 // A relative time in seconds before the current time from which to show logs. If this value 5179 // precedes the time a pod was started, only logs since the pod start will be returned. 5180 // If this value is in the future, no logs will be returned. 5181 // Only one of sinceSeconds or sinceTime may be specified. 5182 // +optional 5183 SinceSeconds *int64 `json:"sinceSeconds,omitempty" protobuf:"varint,4,opt,name=sinceSeconds"` 5184 // An RFC3339 timestamp from which to show logs. If this value 5185 // precedes the time a pod was started, only logs since the pod start will be returned. 5186 // If this value is in the future, no logs will be returned. 5187 // Only one of sinceSeconds or sinceTime may be specified. 5188 // +optional 5189 SinceTime *metav1.Time `json:"sinceTime,omitempty" protobuf:"bytes,5,opt,name=sinceTime"` 5190 // If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line 5191 // of log output. Defaults to false. 5192 // +optional 5193 Timestamps bool `json:"timestamps,omitempty" protobuf:"varint,6,opt,name=timestamps"` 5194 // If set, the number of lines from the end of the logs to show. If not specified, 5195 // logs are shown from the creation of the container or sinceSeconds or sinceTime 5196 // +optional 5197 TailLines *int64 `json:"tailLines,omitempty" protobuf:"varint,7,opt,name=tailLines"` 5198 // If set, the number of bytes to read from the server before terminating the 5199 // log output. This may not display a complete final line of logging, and may return 5200 // slightly more or slightly less than the specified limit. 5201 // +optional 5202 LimitBytes *int64 `json:"limitBytes,omitempty" protobuf:"varint,8,opt,name=limitBytes"` 5203 5204 // insecureSkipTLSVerifyBackend indicates that the apiserver should not confirm the validity of the 5205 // serving certificate of the backend it is connecting to. This will make the HTTPS connection between the apiserver 5206 // and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real 5207 // kubelet. If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the 5208 // connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept 5209 // the actual log data coming from the real kubelet). 5210 // +optional 5211 InsecureSkipTLSVerifyBackend bool `json:"insecureSkipTLSVerifyBackend,omitempty" protobuf:"varint,9,opt,name=insecureSkipTLSVerifyBackend"` 5212} 5213 5214// +k8s:conversion-gen:explicit-from=net/url.Values 5215// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5216 5217// PodAttachOptions is the query options to a Pod's remote attach call. 5218// --- 5219// TODO: merge w/ PodExecOptions below for stdin, stdout, etc 5220// and also when we cut V2, we should export a "StreamOptions" or somesuch that contains Stdin, Stdout, Stder and TTY 5221type PodAttachOptions struct { 5222 metav1.TypeMeta `json:",inline"` 5223 5224 // Stdin if true, redirects the standard input stream of the pod for this call. 5225 // Defaults to false. 5226 // +optional 5227 Stdin bool `json:"stdin,omitempty" protobuf:"varint,1,opt,name=stdin"` 5228 5229 // Stdout if true indicates that stdout is to be redirected for the attach call. 5230 // Defaults to true. 5231 // +optional 5232 Stdout bool `json:"stdout,omitempty" protobuf:"varint,2,opt,name=stdout"` 5233 5234 // Stderr if true indicates that stderr is to be redirected for the attach call. 5235 // Defaults to true. 5236 // +optional 5237 Stderr bool `json:"stderr,omitempty" protobuf:"varint,3,opt,name=stderr"` 5238 5239 // TTY if true indicates that a tty will be allocated for the attach call. 5240 // This is passed through the container runtime so the tty 5241 // is allocated on the worker node by the container runtime. 5242 // Defaults to false. 5243 // +optional 5244 TTY bool `json:"tty,omitempty" protobuf:"varint,4,opt,name=tty"` 5245 5246 // The container in which to execute the command. 5247 // Defaults to only container if there is only one container in the pod. 5248 // +optional 5249 Container string `json:"container,omitempty" protobuf:"bytes,5,opt,name=container"` 5250} 5251 5252// +k8s:conversion-gen:explicit-from=net/url.Values 5253// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5254 5255// PodExecOptions is the query options to a Pod's remote exec call. 5256// --- 5257// TODO: This is largely identical to PodAttachOptions above, make sure they stay in sync and see about merging 5258// and also when we cut V2, we should export a "StreamOptions" or somesuch that contains Stdin, Stdout, Stder and TTY 5259type PodExecOptions struct { 5260 metav1.TypeMeta `json:",inline"` 5261 5262 // Redirect the standard input stream of the pod for this call. 5263 // Defaults to false. 5264 // +optional 5265 Stdin bool `json:"stdin,omitempty" protobuf:"varint,1,opt,name=stdin"` 5266 5267 // Redirect the standard output stream of the pod for this call. 5268 // Defaults to true. 5269 // +optional 5270 Stdout bool `json:"stdout,omitempty" protobuf:"varint,2,opt,name=stdout"` 5271 5272 // Redirect the standard error stream of the pod for this call. 5273 // Defaults to true. 5274 // +optional 5275 Stderr bool `json:"stderr,omitempty" protobuf:"varint,3,opt,name=stderr"` 5276 5277 // TTY if true indicates that a tty will be allocated for the exec call. 5278 // Defaults to false. 5279 // +optional 5280 TTY bool `json:"tty,omitempty" protobuf:"varint,4,opt,name=tty"` 5281 5282 // Container in which to execute the command. 5283 // Defaults to only container if there is only one container in the pod. 5284 // +optional 5285 Container string `json:"container,omitempty" protobuf:"bytes,5,opt,name=container"` 5286 5287 // Command is the remote command to execute. argv array. Not executed within a shell. 5288 Command []string `json:"command" protobuf:"bytes,6,rep,name=command"` 5289} 5290 5291// +k8s:conversion-gen:explicit-from=net/url.Values 5292// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5293 5294// PodPortForwardOptions is the query options to a Pod's port forward call 5295// when using WebSockets. 5296// The `port` query parameter must specify the port or 5297// ports (comma separated) to forward over. 5298// Port forwarding over SPDY does not use these options. It requires the port 5299// to be passed in the `port` header as part of request. 5300type PodPortForwardOptions struct { 5301 metav1.TypeMeta `json:",inline"` 5302 5303 // List of ports to forward 5304 // Required when using WebSockets 5305 // +optional 5306 Ports []int32 `json:"ports,omitempty" protobuf:"varint,1,rep,name=ports"` 5307} 5308 5309// +k8s:conversion-gen:explicit-from=net/url.Values 5310// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5311 5312// PodProxyOptions is the query options to a Pod's proxy call. 5313type PodProxyOptions struct { 5314 metav1.TypeMeta `json:",inline"` 5315 5316 // Path is the URL path to use for the current proxy request to pod. 5317 // +optional 5318 Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` 5319} 5320 5321// +k8s:conversion-gen:explicit-from=net/url.Values 5322// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5323 5324// NodeProxyOptions is the query options to a Node's proxy call. 5325type NodeProxyOptions struct { 5326 metav1.TypeMeta `json:",inline"` 5327 5328 // Path is the URL path to use for the current proxy request to node. 5329 // +optional 5330 Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` 5331} 5332 5333// +k8s:conversion-gen:explicit-from=net/url.Values 5334// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5335 5336// ServiceProxyOptions is the query options to a Service's proxy call. 5337type ServiceProxyOptions struct { 5338 metav1.TypeMeta `json:",inline"` 5339 5340 // Path is the part of URLs that include service endpoints, suffixes, 5341 // and parameters to use for the current proxy request to service. 5342 // For example, the whole request URL is 5343 // http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. 5344 // Path is _search?q=user:kimchy. 5345 // +optional 5346 Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` 5347} 5348 5349// ObjectReference contains enough information to let you inspect or modify the referred object. 5350// --- 5351// New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 5352// 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 5353// 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular 5354// restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". 5355// Those cannot be well described when embedded. 5356// 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 5357// 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity 5358// during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple 5359// and the version of the actual struct is irrelevant. 5360// 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type 5361// will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. 5362// Instead of using this type, create a locally provided and used type that is well-focused on your reference. 5363// For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . 5364// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5365type ObjectReference struct { 5366 // Kind of the referent. 5367 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5368 // +optional 5369 Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"` 5370 // Namespace of the referent. 5371 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ 5372 // +optional 5373 Namespace string `json:"namespace,omitempty" protobuf:"bytes,2,opt,name=namespace"` 5374 // Name of the referent. 5375 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5376 // +optional 5377 Name string `json:"name,omitempty" protobuf:"bytes,3,opt,name=name"` 5378 // UID of the referent. 5379 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids 5380 // +optional 5381 UID types.UID `json:"uid,omitempty" protobuf:"bytes,4,opt,name=uid,casttype=k8s.io/apimachinery/pkg/types.UID"` 5382 // API version of the referent. 5383 // +optional 5384 APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,5,opt,name=apiVersion"` 5385 // Specific resourceVersion to which this reference is made, if any. 5386 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 5387 // +optional 5388 ResourceVersion string `json:"resourceVersion,omitempty" protobuf:"bytes,6,opt,name=resourceVersion"` 5389 5390 // If referring to a piece of an object instead of an entire object, this string 5391 // should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 5392 // For example, if the object reference is to a container within a pod, this would take on a value like: 5393 // "spec.containers{name}" (where "name" refers to the name of the container that triggered 5394 // the event) or if no container name is specified "spec.containers[2]" (container with 5395 // index 2 in this pod). This syntax is chosen only to have some well-defined way of 5396 // referencing a part of an object. 5397 // TODO: this design is not final and this field is subject to change in the future. 5398 // +optional 5399 FieldPath string `json:"fieldPath,omitempty" protobuf:"bytes,7,opt,name=fieldPath"` 5400} 5401 5402// LocalObjectReference contains enough information to let you locate the 5403// referenced object inside the same namespace. 5404type LocalObjectReference struct { 5405 // Name of the referent. 5406 // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5407 // TODO: Add other useful fields. apiVersion, kind, uid? 5408 // +optional 5409 Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` 5410} 5411 5412// TypedLocalObjectReference contains enough information to let you locate the 5413// typed referenced object inside the same namespace. 5414type TypedLocalObjectReference struct { 5415 // APIGroup is the group for the resource being referenced. 5416 // If APIGroup is not specified, the specified Kind must be in the core API group. 5417 // For any other third-party types, APIGroup is required. 5418 // +optional 5419 APIGroup *string `json:"apiGroup" protobuf:"bytes,1,opt,name=apiGroup"` 5420 // Kind is the type of resource being referenced 5421 Kind string `json:"kind" protobuf:"bytes,2,opt,name=kind"` 5422 // Name is the name of resource being referenced 5423 Name string `json:"name" protobuf:"bytes,3,opt,name=name"` 5424} 5425 5426// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5427 5428// SerializedReference is a reference to serialized object. 5429type SerializedReference struct { 5430 metav1.TypeMeta `json:",inline"` 5431 // The reference to an object in the system. 5432 // +optional 5433 Reference ObjectReference `json:"reference,omitempty" protobuf:"bytes,1,opt,name=reference"` 5434} 5435 5436// EventSource contains information for an event. 5437type EventSource struct { 5438 // Component from which the event is generated. 5439 // +optional 5440 Component string `json:"component,omitempty" protobuf:"bytes,1,opt,name=component"` 5441 // Node name on which the event is generated. 5442 // +optional 5443 Host string `json:"host,omitempty" protobuf:"bytes,2,opt,name=host"` 5444} 5445 5446// Valid values for event types (new types could be added in future) 5447const ( 5448 // Information only and will not cause any problems 5449 EventTypeNormal string = "Normal" 5450 // These events are to warn that something might go wrong 5451 EventTypeWarning string = "Warning" 5452) 5453 5454// +genclient 5455// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5456 5457// Event is a report of an event somewhere in the cluster. Events 5458// have a limited retention time and triggers and messages may evolve 5459// with time. Event consumers should not rely on the timing of an event 5460// with a given Reason reflecting a consistent underlying trigger, or the 5461// continued existence of events with that Reason. Events should be 5462// treated as informative, best-effort, supplemental data. 5463type Event struct { 5464 metav1.TypeMeta `json:",inline"` 5465 // Standard object's metadata. 5466 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5467 metav1.ObjectMeta `json:"metadata" protobuf:"bytes,1,opt,name=metadata"` 5468 5469 // The object that this event is about. 5470 InvolvedObject ObjectReference `json:"involvedObject" protobuf:"bytes,2,opt,name=involvedObject"` 5471 5472 // This should be a short, machine understandable string that gives the reason 5473 // for the transition into the object's current status. 5474 // TODO: provide exact specification for format. 5475 // +optional 5476 Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` 5477 5478 // A human-readable description of the status of this operation. 5479 // TODO: decide on maximum length. 5480 // +optional 5481 Message string `json:"message,omitempty" protobuf:"bytes,4,opt,name=message"` 5482 5483 // The component reporting this event. Should be a short machine understandable string. 5484 // +optional 5485 Source EventSource `json:"source,omitempty" protobuf:"bytes,5,opt,name=source"` 5486 5487 // The time at which the event was first recorded. (Time of server receipt is in TypeMeta.) 5488 // +optional 5489 FirstTimestamp metav1.Time `json:"firstTimestamp,omitempty" protobuf:"bytes,6,opt,name=firstTimestamp"` 5490 5491 // The time at which the most recent occurrence of this event was recorded. 5492 // +optional 5493 LastTimestamp metav1.Time `json:"lastTimestamp,omitempty" protobuf:"bytes,7,opt,name=lastTimestamp"` 5494 5495 // The number of times this event has occurred. 5496 // +optional 5497 Count int32 `json:"count,omitempty" protobuf:"varint,8,opt,name=count"` 5498 5499 // Type of this event (Normal, Warning), new types could be added in the future 5500 // +optional 5501 Type string `json:"type,omitempty" protobuf:"bytes,9,opt,name=type"` 5502 5503 // Time when this Event was first observed. 5504 // +optional 5505 EventTime metav1.MicroTime `json:"eventTime,omitempty" protobuf:"bytes,10,opt,name=eventTime"` 5506 5507 // Data about the Event series this event represents or nil if it's a singleton Event. 5508 // +optional 5509 Series *EventSeries `json:"series,omitempty" protobuf:"bytes,11,opt,name=series"` 5510 5511 // What action was taken/failed regarding to the Regarding object. 5512 // +optional 5513 Action string `json:"action,omitempty" protobuf:"bytes,12,opt,name=action"` 5514 5515 // Optional secondary object for more complex actions. 5516 // +optional 5517 Related *ObjectReference `json:"related,omitempty" protobuf:"bytes,13,opt,name=related"` 5518 5519 // Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. 5520 // +optional 5521 ReportingController string `json:"reportingComponent" protobuf:"bytes,14,opt,name=reportingComponent"` 5522 5523 // ID of the controller instance, e.g. `kubelet-xyzf`. 5524 // +optional 5525 ReportingInstance string `json:"reportingInstance" protobuf:"bytes,15,opt,name=reportingInstance"` 5526} 5527 5528// EventSeries contain information on series of events, i.e. thing that was/is happening 5529// continuously for some time. 5530type EventSeries struct { 5531 // Number of occurrences in this series up to the last heartbeat time 5532 Count int32 `json:"count,omitempty" protobuf:"varint,1,name=count"` 5533 // Time of the last occurrence observed 5534 LastObservedTime metav1.MicroTime `json:"lastObservedTime,omitempty" protobuf:"bytes,2,name=lastObservedTime"` 5535 5536 // +k8s:deprecated=state,protobuf=3 5537} 5538 5539// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5540 5541// EventList is a list of events. 5542type EventList struct { 5543 metav1.TypeMeta `json:",inline"` 5544 // Standard list metadata. 5545 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5546 // +optional 5547 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5548 5549 // List of events 5550 Items []Event `json:"items" protobuf:"bytes,2,rep,name=items"` 5551} 5552 5553// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5554 5555// List holds a list of objects, which may not be known by the server. 5556type List metav1.List 5557 5558// LimitType is a type of object that is limited 5559type LimitType string 5560 5561const ( 5562 // Limit that applies to all pods in a namespace 5563 LimitTypePod LimitType = "Pod" 5564 // Limit that applies to all containers in a namespace 5565 LimitTypeContainer LimitType = "Container" 5566 // Limit that applies to all persistent volume claims in a namespace 5567 LimitTypePersistentVolumeClaim LimitType = "PersistentVolumeClaim" 5568) 5569 5570// LimitRangeItem defines a min/max usage limit for any resource that matches on kind. 5571type LimitRangeItem struct { 5572 // Type of resource that this limit applies to. 5573 Type LimitType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=LimitType"` 5574 // Max usage constraints on this kind by resource name. 5575 // +optional 5576 Max ResourceList `json:"max,omitempty" protobuf:"bytes,2,rep,name=max,casttype=ResourceList,castkey=ResourceName"` 5577 // Min usage constraints on this kind by resource name. 5578 // +optional 5579 Min ResourceList `json:"min,omitempty" protobuf:"bytes,3,rep,name=min,casttype=ResourceList,castkey=ResourceName"` 5580 // Default resource requirement limit value by resource name if resource limit is omitted. 5581 // +optional 5582 Default ResourceList `json:"default,omitempty" protobuf:"bytes,4,rep,name=default,casttype=ResourceList,castkey=ResourceName"` 5583 // DefaultRequest is the default resource requirement request value by resource name if resource request is omitted. 5584 // +optional 5585 DefaultRequest ResourceList `json:"defaultRequest,omitempty" protobuf:"bytes,5,rep,name=defaultRequest,casttype=ResourceList,castkey=ResourceName"` 5586 // MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource. 5587 // +optional 5588 MaxLimitRequestRatio ResourceList `json:"maxLimitRequestRatio,omitempty" protobuf:"bytes,6,rep,name=maxLimitRequestRatio,casttype=ResourceList,castkey=ResourceName"` 5589} 5590 5591// LimitRangeSpec defines a min/max usage limit for resources that match on kind. 5592type LimitRangeSpec struct { 5593 // Limits is the list of LimitRangeItem objects that are enforced. 5594 Limits []LimitRangeItem `json:"limits" protobuf:"bytes,1,rep,name=limits"` 5595} 5596 5597// +genclient 5598// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5599 5600// LimitRange sets resource usage limits for each kind of resource in a Namespace. 5601type LimitRange struct { 5602 metav1.TypeMeta `json:",inline"` 5603 // Standard object's metadata. 5604 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5605 // +optional 5606 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5607 5608 // Spec defines the limits enforced. 5609 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 5610 // +optional 5611 Spec LimitRangeSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 5612} 5613 5614// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5615 5616// LimitRangeList is a list of LimitRange items. 5617type LimitRangeList struct { 5618 metav1.TypeMeta `json:",inline"` 5619 // Standard list metadata. 5620 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5621 // +optional 5622 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5623 5624 // Items is a list of LimitRange objects. 5625 // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ 5626 Items []LimitRange `json:"items" protobuf:"bytes,2,rep,name=items"` 5627} 5628 5629// The following identify resource constants for Kubernetes object types 5630const ( 5631 // Pods, number 5632 ResourcePods ResourceName = "pods" 5633 // Services, number 5634 ResourceServices ResourceName = "services" 5635 // ReplicationControllers, number 5636 ResourceReplicationControllers ResourceName = "replicationcontrollers" 5637 // ResourceQuotas, number 5638 ResourceQuotas ResourceName = "resourcequotas" 5639 // ResourceSecrets, number 5640 ResourceSecrets ResourceName = "secrets" 5641 // ResourceConfigMaps, number 5642 ResourceConfigMaps ResourceName = "configmaps" 5643 // ResourcePersistentVolumeClaims, number 5644 ResourcePersistentVolumeClaims ResourceName = "persistentvolumeclaims" 5645 // ResourceServicesNodePorts, number 5646 ResourceServicesNodePorts ResourceName = "services.nodeports" 5647 // ResourceServicesLoadBalancers, number 5648 ResourceServicesLoadBalancers ResourceName = "services.loadbalancers" 5649 // CPU request, in cores. (500m = .5 cores) 5650 ResourceRequestsCPU ResourceName = "requests.cpu" 5651 // Memory request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5652 ResourceRequestsMemory ResourceName = "requests.memory" 5653 // Storage request, in bytes 5654 ResourceRequestsStorage ResourceName = "requests.storage" 5655 // Local ephemeral storage request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5656 ResourceRequestsEphemeralStorage ResourceName = "requests.ephemeral-storage" 5657 // CPU limit, in cores. (500m = .5 cores) 5658 ResourceLimitsCPU ResourceName = "limits.cpu" 5659 // Memory limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5660 ResourceLimitsMemory ResourceName = "limits.memory" 5661 // Local ephemeral storage limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5662 ResourceLimitsEphemeralStorage ResourceName = "limits.ephemeral-storage" 5663) 5664 5665// The following identify resource prefix for Kubernetes object types 5666const ( 5667 // HugePages request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) 5668 // As burst is not supported for HugePages, we would only quota its request, and ignore the limit. 5669 ResourceRequestsHugePagesPrefix = "requests.hugepages-" 5670 // Default resource requests prefix 5671 DefaultResourceRequestsPrefix = "requests." 5672) 5673 5674// A ResourceQuotaScope defines a filter that must match each object tracked by a quota 5675type ResourceQuotaScope string 5676 5677const ( 5678 // Match all pod objects where spec.activeDeadlineSeconds >=0 5679 ResourceQuotaScopeTerminating ResourceQuotaScope = "Terminating" 5680 // Match all pod objects where spec.activeDeadlineSeconds is nil 5681 ResourceQuotaScopeNotTerminating ResourceQuotaScope = "NotTerminating" 5682 // Match all pod objects that have best effort quality of service 5683 ResourceQuotaScopeBestEffort ResourceQuotaScope = "BestEffort" 5684 // Match all pod objects that do not have best effort quality of service 5685 ResourceQuotaScopeNotBestEffort ResourceQuotaScope = "NotBestEffort" 5686 // Match all pod objects that have priority class mentioned 5687 ResourceQuotaScopePriorityClass ResourceQuotaScope = "PriorityClass" 5688 // Match all pod objects that have cross-namespace pod (anti)affinity mentioned. 5689 // This is an alpha feature enabled by the PodAffinityNamespaceSelector feature flag. 5690 ResourceQuotaScopeCrossNamespacePodAffinity ResourceQuotaScope = "CrossNamespacePodAffinity" 5691) 5692 5693// ResourceQuotaSpec defines the desired hard limits to enforce for Quota. 5694type ResourceQuotaSpec struct { 5695 // hard is the set of desired hard limits for each named resource. 5696 // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/ 5697 // +optional 5698 Hard ResourceList `json:"hard,omitempty" protobuf:"bytes,1,rep,name=hard,casttype=ResourceList,castkey=ResourceName"` 5699 // A collection of filters that must match each object tracked by a quota. 5700 // If not specified, the quota matches all objects. 5701 // +optional 5702 Scopes []ResourceQuotaScope `json:"scopes,omitempty" protobuf:"bytes,2,rep,name=scopes,casttype=ResourceQuotaScope"` 5703 // scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota 5704 // but expressed using ScopeSelectorOperator in combination with possible values. 5705 // For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched. 5706 // +optional 5707 ScopeSelector *ScopeSelector `json:"scopeSelector,omitempty" protobuf:"bytes,3,opt,name=scopeSelector"` 5708} 5709 5710// A scope selector represents the AND of the selectors represented 5711// by the scoped-resource selector requirements. 5712type ScopeSelector struct { 5713 // A list of scope selector requirements by scope of the resources. 5714 // +optional 5715 MatchExpressions []ScopedResourceSelectorRequirement `json:"matchExpressions,omitempty" protobuf:"bytes,1,rep,name=matchExpressions"` 5716} 5717 5718// A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator 5719// that relates the scope name and values. 5720type ScopedResourceSelectorRequirement struct { 5721 // The name of the scope that the selector applies to. 5722 ScopeName ResourceQuotaScope `json:"scopeName" protobuf:"bytes,1,opt,name=scopeName"` 5723 // Represents a scope's relationship to a set of values. 5724 // Valid operators are In, NotIn, Exists, DoesNotExist. 5725 Operator ScopeSelectorOperator `json:"operator" protobuf:"bytes,2,opt,name=operator,casttype=ScopedResourceSelectorOperator"` 5726 // An array of string values. If the operator is In or NotIn, 5727 // the values array must be non-empty. If the operator is Exists or DoesNotExist, 5728 // the values array must be empty. 5729 // This array is replaced during a strategic merge patch. 5730 // +optional 5731 Values []string `json:"values,omitempty" protobuf:"bytes,3,rep,name=values"` 5732} 5733 5734// A scope selector operator is the set of operators that can be used in 5735// a scope selector requirement. 5736type ScopeSelectorOperator string 5737 5738const ( 5739 ScopeSelectorOpIn ScopeSelectorOperator = "In" 5740 ScopeSelectorOpNotIn ScopeSelectorOperator = "NotIn" 5741 ScopeSelectorOpExists ScopeSelectorOperator = "Exists" 5742 ScopeSelectorOpDoesNotExist ScopeSelectorOperator = "DoesNotExist" 5743) 5744 5745// ResourceQuotaStatus defines the enforced hard limits and observed use. 5746type ResourceQuotaStatus struct { 5747 // Hard is the set of enforced hard limits for each named resource. 5748 // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/ 5749 // +optional 5750 Hard ResourceList `json:"hard,omitempty" protobuf:"bytes,1,rep,name=hard,casttype=ResourceList,castkey=ResourceName"` 5751 // Used is the current observed total usage of the resource in the namespace. 5752 // +optional 5753 Used ResourceList `json:"used,omitempty" protobuf:"bytes,2,rep,name=used,casttype=ResourceList,castkey=ResourceName"` 5754} 5755 5756// +genclient 5757// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5758 5759// ResourceQuota sets aggregate quota restrictions enforced per namespace 5760type ResourceQuota struct { 5761 metav1.TypeMeta `json:",inline"` 5762 // Standard object's metadata. 5763 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5764 // +optional 5765 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5766 5767 // Spec defines the desired quota. 5768 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 5769 // +optional 5770 Spec ResourceQuotaSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` 5771 5772 // Status defines the actual enforced quota and its current usage. 5773 // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status 5774 // +optional 5775 Status ResourceQuotaStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` 5776} 5777 5778// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5779 5780// ResourceQuotaList is a list of ResourceQuota items. 5781type ResourceQuotaList struct { 5782 metav1.TypeMeta `json:",inline"` 5783 // Standard list metadata. 5784 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5785 // +optional 5786 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5787 5788 // Items is a list of ResourceQuota objects. 5789 // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/ 5790 Items []ResourceQuota `json:"items" protobuf:"bytes,2,rep,name=items"` 5791} 5792 5793// +genclient 5794// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5795 5796// Secret holds secret data of a certain type. The total bytes of the values in 5797// the Data field must be less than MaxSecretSize bytes. 5798type Secret struct { 5799 metav1.TypeMeta `json:",inline"` 5800 // Standard object's metadata. 5801 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5802 // +optional 5803 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5804 5805 // Immutable, if set to true, ensures that data stored in the Secret cannot 5806 // be updated (only object metadata can be modified). 5807 // If not set to true, the field can be modified at any time. 5808 // Defaulted to nil. 5809 // +optional 5810 Immutable *bool `json:"immutable,omitempty" protobuf:"varint,5,opt,name=immutable"` 5811 5812 // Data contains the secret data. Each key must consist of alphanumeric 5813 // characters, '-', '_' or '.'. The serialized form of the secret data is a 5814 // base64 encoded string, representing the arbitrary (possibly non-string) 5815 // data value here. Described in https://tools.ietf.org/html/rfc4648#section-4 5816 // +optional 5817 Data map[string][]byte `json:"data,omitempty" protobuf:"bytes,2,rep,name=data"` 5818 5819 // stringData allows specifying non-binary secret data in string form. 5820 // It is provided as a write-only input field for convenience. 5821 // All keys and values are merged into the data field on write, overwriting any existing values. 5822 // The stringData field is never output when reading from the API. 5823 // +k8s:conversion-gen=false 5824 // +optional 5825 StringData map[string]string `json:"stringData,omitempty" protobuf:"bytes,4,rep,name=stringData"` 5826 5827 // Used to facilitate programmatic handling of secret data. 5828 // +optional 5829 Type SecretType `json:"type,omitempty" protobuf:"bytes,3,opt,name=type,casttype=SecretType"` 5830} 5831 5832const MaxSecretSize = 1 * 1024 * 1024 5833 5834type SecretType string 5835 5836const ( 5837 // SecretTypeOpaque is the default. Arbitrary user-defined data 5838 SecretTypeOpaque SecretType = "Opaque" 5839 5840 // SecretTypeServiceAccountToken contains a token that identifies a service account to the API 5841 // 5842 // Required fields: 5843 // - Secret.Annotations["kubernetes.io/service-account.name"] - the name of the ServiceAccount the token identifies 5844 // - Secret.Annotations["kubernetes.io/service-account.uid"] - the UID of the ServiceAccount the token identifies 5845 // - Secret.Data["token"] - a token that identifies the service account to the API 5846 SecretTypeServiceAccountToken SecretType = "kubernetes.io/service-account-token" 5847 5848 // ServiceAccountNameKey is the key of the required annotation for SecretTypeServiceAccountToken secrets 5849 ServiceAccountNameKey = "kubernetes.io/service-account.name" 5850 // ServiceAccountUIDKey is the key of the required annotation for SecretTypeServiceAccountToken secrets 5851 ServiceAccountUIDKey = "kubernetes.io/service-account.uid" 5852 // ServiceAccountTokenKey is the key of the required data for SecretTypeServiceAccountToken secrets 5853 ServiceAccountTokenKey = "token" 5854 // ServiceAccountKubeconfigKey is the key of the optional kubeconfig data for SecretTypeServiceAccountToken secrets 5855 ServiceAccountKubeconfigKey = "kubernetes.kubeconfig" 5856 // ServiceAccountRootCAKey is the key of the optional root certificate authority for SecretTypeServiceAccountToken secrets 5857 ServiceAccountRootCAKey = "ca.crt" 5858 // ServiceAccountNamespaceKey is the key of the optional namespace to use as the default for namespaced API calls 5859 ServiceAccountNamespaceKey = "namespace" 5860 5861 // SecretTypeDockercfg contains a dockercfg file that follows the same format rules as ~/.dockercfg 5862 // 5863 // Required fields: 5864 // - Secret.Data[".dockercfg"] - a serialized ~/.dockercfg file 5865 SecretTypeDockercfg SecretType = "kubernetes.io/dockercfg" 5866 5867 // DockerConfigKey is the key of the required data for SecretTypeDockercfg secrets 5868 DockerConfigKey = ".dockercfg" 5869 5870 // SecretTypeDockerConfigJson contains a dockercfg file that follows the same format rules as ~/.docker/config.json 5871 // 5872 // Required fields: 5873 // - Secret.Data[".dockerconfigjson"] - a serialized ~/.docker/config.json file 5874 SecretTypeDockerConfigJson SecretType = "kubernetes.io/dockerconfigjson" 5875 5876 // DockerConfigJsonKey is the key of the required data for SecretTypeDockerConfigJson secrets 5877 DockerConfigJsonKey = ".dockerconfigjson" 5878 5879 // SecretTypeBasicAuth contains data needed for basic authentication. 5880 // 5881 // Required at least one of fields: 5882 // - Secret.Data["username"] - username used for authentication 5883 // - Secret.Data["password"] - password or token needed for authentication 5884 SecretTypeBasicAuth SecretType = "kubernetes.io/basic-auth" 5885 5886 // BasicAuthUsernameKey is the key of the username for SecretTypeBasicAuth secrets 5887 BasicAuthUsernameKey = "username" 5888 // BasicAuthPasswordKey is the key of the password or token for SecretTypeBasicAuth secrets 5889 BasicAuthPasswordKey = "password" 5890 5891 // SecretTypeSSHAuth contains data needed for SSH authetication. 5892 // 5893 // Required field: 5894 // - Secret.Data["ssh-privatekey"] - private SSH key needed for authentication 5895 SecretTypeSSHAuth SecretType = "kubernetes.io/ssh-auth" 5896 5897 // SSHAuthPrivateKey is the key of the required SSH private key for SecretTypeSSHAuth secrets 5898 SSHAuthPrivateKey = "ssh-privatekey" 5899 // SecretTypeTLS contains information about a TLS client or server secret. It 5900 // is primarily used with TLS termination of the Ingress resource, but may be 5901 // used in other types. 5902 // 5903 // Required fields: 5904 // - Secret.Data["tls.key"] - TLS private key. 5905 // Secret.Data["tls.crt"] - TLS certificate. 5906 // TODO: Consider supporting different formats, specifying CA/destinationCA. 5907 SecretTypeTLS SecretType = "kubernetes.io/tls" 5908 5909 // TLSCertKey is the key for tls certificates in a TLS secert. 5910 TLSCertKey = "tls.crt" 5911 // TLSPrivateKeyKey is the key for the private key field in a TLS secret. 5912 TLSPrivateKeyKey = "tls.key" 5913 // SecretTypeBootstrapToken is used during the automated bootstrap process (first 5914 // implemented by kubeadm). It stores tokens that are used to sign well known 5915 // ConfigMaps. They are used for authn. 5916 SecretTypeBootstrapToken SecretType = "bootstrap.kubernetes.io/token" 5917) 5918 5919// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5920 5921// SecretList is a list of Secret. 5922type SecretList struct { 5923 metav1.TypeMeta `json:",inline"` 5924 // Standard list metadata. 5925 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5926 // +optional 5927 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5928 5929 // Items is a list of secret objects. 5930 // More info: https://kubernetes.io/docs/concepts/configuration/secret 5931 Items []Secret `json:"items" protobuf:"bytes,2,rep,name=items"` 5932} 5933 5934// +genclient 5935// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5936 5937// ConfigMap holds configuration data for pods to consume. 5938type ConfigMap struct { 5939 metav1.TypeMeta `json:",inline"` 5940 // Standard object's metadata. 5941 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5942 // +optional 5943 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5944 5945 // Immutable, if set to true, ensures that data stored in the ConfigMap cannot 5946 // be updated (only object metadata can be modified). 5947 // If not set to true, the field can be modified at any time. 5948 // Defaulted to nil. 5949 // +optional 5950 Immutable *bool `json:"immutable,omitempty" protobuf:"varint,4,opt,name=immutable"` 5951 5952 // Data contains the configuration data. 5953 // Each key must consist of alphanumeric characters, '-', '_' or '.'. 5954 // Values with non-UTF-8 byte sequences must use the BinaryData field. 5955 // The keys stored in Data must not overlap with the keys in 5956 // the BinaryData field, this is enforced during validation process. 5957 // +optional 5958 Data map[string]string `json:"data,omitempty" protobuf:"bytes,2,rep,name=data"` 5959 5960 // BinaryData contains the binary data. 5961 // Each key must consist of alphanumeric characters, '-', '_' or '.'. 5962 // BinaryData can contain byte sequences that are not in the UTF-8 range. 5963 // The keys stored in BinaryData must not overlap with the ones in 5964 // the Data field, this is enforced during validation process. 5965 // Using this field will require 1.10+ apiserver and 5966 // kubelet. 5967 // +optional 5968 BinaryData map[string][]byte `json:"binaryData,omitempty" protobuf:"bytes,3,rep,name=binaryData"` 5969} 5970 5971// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 5972 5973// ConfigMapList is a resource containing a list of ConfigMap objects. 5974type ConfigMapList struct { 5975 metav1.TypeMeta `json:",inline"` 5976 5977 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 5978 // +optional 5979 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 5980 5981 // Items is the list of ConfigMaps. 5982 Items []ConfigMap `json:"items" protobuf:"bytes,2,rep,name=items"` 5983} 5984 5985// Type and constants for component health validation. 5986type ComponentConditionType string 5987 5988// These are the valid conditions for the component. 5989const ( 5990 ComponentHealthy ComponentConditionType = "Healthy" 5991) 5992 5993// Information about the condition of a component. 5994type ComponentCondition struct { 5995 // Type of condition for a component. 5996 // Valid value: "Healthy" 5997 Type ComponentConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=ComponentConditionType"` 5998 // Status of the condition for a component. 5999 // Valid values for "Healthy": "True", "False", or "Unknown". 6000 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"` 6001 // Message about the condition for a component. 6002 // For example, information about a health check. 6003 // +optional 6004 Message string `json:"message,omitempty" protobuf:"bytes,3,opt,name=message"` 6005 // Condition error code for a component. 6006 // For example, a health check error code. 6007 // +optional 6008 Error string `json:"error,omitempty" protobuf:"bytes,4,opt,name=error"` 6009} 6010 6011// +genclient 6012// +genclient:nonNamespaced 6013// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 6014 6015// ComponentStatus (and ComponentStatusList) holds the cluster validation info. 6016// Deprecated: This API is deprecated in v1.19+ 6017type ComponentStatus struct { 6018 metav1.TypeMeta `json:",inline"` 6019 // Standard object's metadata. 6020 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 6021 // +optional 6022 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 6023 6024 // List of component conditions observed 6025 // +optional 6026 // +patchMergeKey=type 6027 // +patchStrategy=merge 6028 Conditions []ComponentCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"` 6029} 6030 6031// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 6032 6033// Status of all the conditions for the component as a list of ComponentStatus objects. 6034// Deprecated: This API is deprecated in v1.19+ 6035type ComponentStatusList struct { 6036 metav1.TypeMeta `json:",inline"` 6037 // Standard list metadata. 6038 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 6039 // +optional 6040 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 6041 6042 // List of ComponentStatus objects. 6043 Items []ComponentStatus `json:"items" protobuf:"bytes,2,rep,name=items"` 6044} 6045 6046// DownwardAPIVolumeSource represents a volume containing downward API info. 6047// Downward API volumes support ownership management and SELinux relabeling. 6048type DownwardAPIVolumeSource struct { 6049 // Items is a list of downward API volume file 6050 // +optional 6051 Items []DownwardAPIVolumeFile `json:"items,omitempty" protobuf:"bytes,1,rep,name=items"` 6052 // Optional: mode bits to use on created files by default. Must be a 6053 // Optional: mode bits used to set permissions on created files by default. 6054 // Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. 6055 // YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. 6056 // Defaults to 0644. 6057 // Directories within the path are not affected by this setting. 6058 // This might be in conflict with other options that affect the file 6059 // mode, like fsGroup, and the result can be other mode bits set. 6060 // +optional 6061 DefaultMode *int32 `json:"defaultMode,omitempty" protobuf:"varint,2,opt,name=defaultMode"` 6062} 6063 6064const ( 6065 DownwardAPIVolumeSourceDefaultMode int32 = 0644 6066) 6067 6068// DownwardAPIVolumeFile represents information to create the file containing the pod field 6069type DownwardAPIVolumeFile struct { 6070 // Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' 6071 Path string `json:"path" protobuf:"bytes,1,opt,name=path"` 6072 // Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. 6073 // +optional 6074 FieldRef *ObjectFieldSelector `json:"fieldRef,omitempty" protobuf:"bytes,2,opt,name=fieldRef"` 6075 // Selects a resource of the container: only resources limits and requests 6076 // (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. 6077 // +optional 6078 ResourceFieldRef *ResourceFieldSelector `json:"resourceFieldRef,omitempty" protobuf:"bytes,3,opt,name=resourceFieldRef"` 6079 // Optional: mode bits used to set permissions on this file, must be an octal value 6080 // between 0000 and 0777 or a decimal value between 0 and 511. 6081 // YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. 6082 // If not specified, the volume defaultMode will be used. 6083 // This might be in conflict with other options that affect the file 6084 // mode, like fsGroup, and the result can be other mode bits set. 6085 // +optional 6086 Mode *int32 `json:"mode,omitempty" protobuf:"varint,4,opt,name=mode"` 6087} 6088 6089// Represents downward API info for projecting into a projected volume. 6090// Note that this is identical to a downwardAPI volume source without the default 6091// mode. 6092type DownwardAPIProjection struct { 6093 // Items is a list of DownwardAPIVolume file 6094 // +optional 6095 Items []DownwardAPIVolumeFile `json:"items,omitempty" protobuf:"bytes,1,rep,name=items"` 6096} 6097 6098// SecurityContext holds security configuration that will be applied to a container. 6099// Some fields are present in both SecurityContext and PodSecurityContext. When both 6100// are set, the values in SecurityContext take precedence. 6101type SecurityContext struct { 6102 // The capabilities to add/drop when running containers. 6103 // Defaults to the default set of capabilities granted by the container runtime. 6104 // +optional 6105 Capabilities *Capabilities `json:"capabilities,omitempty" protobuf:"bytes,1,opt,name=capabilities"` 6106 // Run container in privileged mode. 6107 // Processes in privileged containers are essentially equivalent to root on the host. 6108 // Defaults to false. 6109 // +optional 6110 Privileged *bool `json:"privileged,omitempty" protobuf:"varint,2,opt,name=privileged"` 6111 // The SELinux context to be applied to the container. 6112 // If unspecified, the container runtime will allocate a random SELinux context for each 6113 // container. May also be set in PodSecurityContext. If set in both SecurityContext and 6114 // PodSecurityContext, the value specified in SecurityContext takes precedence. 6115 // +optional 6116 SELinuxOptions *SELinuxOptions `json:"seLinuxOptions,omitempty" protobuf:"bytes,3,opt,name=seLinuxOptions"` 6117 // The Windows specific settings applied to all containers. 6118 // If unspecified, the options from the PodSecurityContext will be used. 6119 // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 6120 // +optional 6121 WindowsOptions *WindowsSecurityContextOptions `json:"windowsOptions,omitempty" protobuf:"bytes,10,opt,name=windowsOptions"` 6122 // The UID to run the entrypoint of the container process. 6123 // Defaults to user specified in image metadata if unspecified. 6124 // May also be set in PodSecurityContext. If set in both SecurityContext and 6125 // PodSecurityContext, the value specified in SecurityContext takes precedence. 6126 // +optional 6127 RunAsUser *int64 `json:"runAsUser,omitempty" protobuf:"varint,4,opt,name=runAsUser"` 6128 // The GID to run the entrypoint of the container process. 6129 // Uses runtime default if unset. 6130 // May also be set in PodSecurityContext. If set in both SecurityContext and 6131 // PodSecurityContext, the value specified in SecurityContext takes precedence. 6132 // +optional 6133 RunAsGroup *int64 `json:"runAsGroup,omitempty" protobuf:"varint,8,opt,name=runAsGroup"` 6134 // Indicates that the container must run as a non-root user. 6135 // If true, the Kubelet will validate the image at runtime to ensure that it 6136 // does not run as UID 0 (root) and fail to start the container if it does. 6137 // If unset or false, no such validation will be performed. 6138 // May also be set in PodSecurityContext. If set in both SecurityContext and 6139 // PodSecurityContext, the value specified in SecurityContext takes precedence. 6140 // +optional 6141 RunAsNonRoot *bool `json:"runAsNonRoot,omitempty" protobuf:"varint,5,opt,name=runAsNonRoot"` 6142 // Whether this container has a read-only root filesystem. 6143 // Default is false. 6144 // +optional 6145 ReadOnlyRootFilesystem *bool `json:"readOnlyRootFilesystem,omitempty" protobuf:"varint,6,opt,name=readOnlyRootFilesystem"` 6146 // AllowPrivilegeEscalation controls whether a process can gain more 6147 // privileges than its parent process. This bool directly controls if 6148 // the no_new_privs flag will be set on the container process. 6149 // AllowPrivilegeEscalation is true always when the container is: 6150 // 1) run as Privileged 6151 // 2) has CAP_SYS_ADMIN 6152 // +optional 6153 AllowPrivilegeEscalation *bool `json:"allowPrivilegeEscalation,omitempty" protobuf:"varint,7,opt,name=allowPrivilegeEscalation"` 6154 // procMount denotes the type of proc mount to use for the containers. 6155 // The default is DefaultProcMount which uses the container runtime defaults for 6156 // readonly paths and masked paths. 6157 // This requires the ProcMountType feature flag to be enabled. 6158 // +optional 6159 ProcMount *ProcMountType `json:"procMount,omitempty" protobuf:"bytes,9,opt,name=procMount"` 6160 // The seccomp options to use by this container. If seccomp options are 6161 // provided at both the pod & container level, the container options 6162 // override the pod options. 6163 // +optional 6164 SeccompProfile *SeccompProfile `json:"seccompProfile,omitempty" protobuf:"bytes,11,opt,name=seccompProfile"` 6165} 6166 6167type ProcMountType string 6168 6169const ( 6170 // DefaultProcMount uses the container runtime defaults for readonly and masked 6171 // paths for /proc. Most container runtimes mask certain paths in /proc to avoid 6172 // accidental security exposure of special devices or information. 6173 DefaultProcMount ProcMountType = "Default" 6174 6175 // UnmaskedProcMount bypasses the default masking behavior of the container 6176 // runtime and ensures the newly created /proc the container stays in tact with 6177 // no modifications. 6178 UnmaskedProcMount ProcMountType = "Unmasked" 6179) 6180 6181// SELinuxOptions are the labels to be applied to the container 6182type SELinuxOptions struct { 6183 // User is a SELinux user label that applies to the container. 6184 // +optional 6185 User string `json:"user,omitempty" protobuf:"bytes,1,opt,name=user"` 6186 // Role is a SELinux role label that applies to the container. 6187 // +optional 6188 Role string `json:"role,omitempty" protobuf:"bytes,2,opt,name=role"` 6189 // Type is a SELinux type label that applies to the container. 6190 // +optional 6191 Type string `json:"type,omitempty" protobuf:"bytes,3,opt,name=type"` 6192 // Level is SELinux level label that applies to the container. 6193 // +optional 6194 Level string `json:"level,omitempty" protobuf:"bytes,4,opt,name=level"` 6195} 6196 6197// WindowsSecurityContextOptions contain Windows-specific options and credentials. 6198type WindowsSecurityContextOptions struct { 6199 // GMSACredentialSpecName is the name of the GMSA credential spec to use. 6200 // +optional 6201 GMSACredentialSpecName *string `json:"gmsaCredentialSpecName,omitempty" protobuf:"bytes,1,opt,name=gmsaCredentialSpecName"` 6202 6203 // GMSACredentialSpec is where the GMSA admission webhook 6204 // (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the 6205 // GMSA credential spec named by the GMSACredentialSpecName field. 6206 // +optional 6207 GMSACredentialSpec *string `json:"gmsaCredentialSpec,omitempty" protobuf:"bytes,2,opt,name=gmsaCredentialSpec"` 6208 6209 // The UserName in Windows to run the entrypoint of the container process. 6210 // Defaults to the user specified in image metadata if unspecified. 6211 // May also be set in PodSecurityContext. If set in both SecurityContext and 6212 // PodSecurityContext, the value specified in SecurityContext takes precedence. 6213 // +optional 6214 RunAsUserName *string `json:"runAsUserName,omitempty" protobuf:"bytes,3,opt,name=runAsUserName"` 6215} 6216 6217// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object 6218 6219// RangeAllocation is not a public type. 6220type RangeAllocation struct { 6221 metav1.TypeMeta `json:",inline"` 6222 // Standard object's metadata. 6223 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata 6224 // +optional 6225 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` 6226 6227 // Range is string that identifies the range represented by 'data'. 6228 Range string `json:"range" protobuf:"bytes,2,opt,name=range"` 6229 // Data is a bit array containing all allocated addresses in the previous segment. 6230 Data []byte `json:"data" protobuf:"bytes,3,opt,name=data"` 6231} 6232 6233const ( 6234 // DefaultSchedulerName defines the name of default scheduler. 6235 DefaultSchedulerName = "default-scheduler" 6236 6237 // RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule 6238 // corresponding to every RequiredDuringScheduling affinity rule. 6239 // When the --hard-pod-affinity-weight scheduler flag is not specified, 6240 // DefaultHardPodAffinityWeight defines the weight of the implicit PreferredDuringScheduling affinity rule. 6241 DefaultHardPodAffinitySymmetricWeight int32 = 1 6242) 6243 6244// Sysctl defines a kernel parameter to be set 6245type Sysctl struct { 6246 // Name of a property to set 6247 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` 6248 // Value of a property to set 6249 Value string `json:"value" protobuf:"bytes,2,opt,name=value"` 6250} 6251 6252// NodeResources is an object for conveying resource information about a node. 6253// see https://kubernetes.io/docs/concepts/architecture/nodes/#capacity for more details. 6254type NodeResources struct { 6255 // Capacity represents the available resources of a node 6256 Capacity ResourceList `protobuf:"bytes,1,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"` 6257} 6258 6259const ( 6260 // Enable stdin for remote command execution 6261 ExecStdinParam = "input" 6262 // Enable stdout for remote command execution 6263 ExecStdoutParam = "output" 6264 // Enable stderr for remote command execution 6265 ExecStderrParam = "error" 6266 // Enable TTY for remote command execution 6267 ExecTTYParam = "tty" 6268 // Command to run for remote command execution 6269 ExecCommandParam = "command" 6270 6271 // Name of header that specifies stream type 6272 StreamType = "streamType" 6273 // Value for streamType header for stdin stream 6274 StreamTypeStdin = "stdin" 6275 // Value for streamType header for stdout stream 6276 StreamTypeStdout = "stdout" 6277 // Value for streamType header for stderr stream 6278 StreamTypeStderr = "stderr" 6279 // Value for streamType header for data stream 6280 StreamTypeData = "data" 6281 // Value for streamType header for error stream 6282 StreamTypeError = "error" 6283 // Value for streamType header for terminal resize stream 6284 StreamTypeResize = "resize" 6285 6286 // Name of header that specifies the port being forwarded 6287 PortHeader = "port" 6288 // Name of header that specifies a request ID used to associate the error 6289 // and data streams for a single forwarded connection 6290 PortForwardRequestIDHeader = "requestID" 6291) 6292 6293// PortStatus represents the error condition of a service port 6294 6295type PortStatus struct { 6296 // Port is the port number of the service port of which status is recorded here 6297 Port int32 `json:"port" protobuf:"varint,1,opt,name=port"` 6298 // Protocol is the protocol of the service port of which status is recorded here 6299 // The supported values are: "TCP", "UDP", "SCTP" 6300 Protocol Protocol `json:"protocol" protobuf:"bytes,2,opt,name=protocol,casttype=Protocol"` 6301 // Error is to record the problem with the service port 6302 // The format of the error shall comply with the following rules: 6303 // - built-in error values shall be specified in this file and those shall use 6304 // CamelCase names 6305 // - cloud provider specific error values must have names that comply with the 6306 // format foo.example.com/CamelCase. 6307 // --- 6308 // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) 6309 // +optional 6310 // +kubebuilder:validation:Required 6311 // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` 6312 // +kubebuilder:validation:MaxLength=316 6313 Error *string `json:"error,omitempty" protobuf:"bytes,3,opt,name=error"` 6314} 6315